26 May, 2026
Digital Threat Report 2025–26
Mon 13 Jul, 2026
The Ministry of Electronics and Information Technology (MeitY), in collaboration with the Indian Computer Emergency Response Team (CERT-In), Computer Security Incident Response Team in Finance (CSIRT-Fin) and SISA, released the second edition of the Digital Threat Report 2025–26 for the Banking, Financial Services and Insurance (BFSI) and digital payments ecosystem.
Key Highlights
Objective
The report provides:
- A comprehensive assessment of emerging cyber threats in the BFSI sector.
- Actionable recommendations for financial institutions, regulators, and cybersecurity leaders.
- An 18-month strategic roadmap to enhance cyber resilience.
Major Findings
1. Cyber Threats are Evolving Rapidly
- Six out of the seven cyber threat predictions made in the previous report have already become reality.
- The gap between the emergence and exploitation of cyber threats has shrunk from years to months or even weeks.
2. AI is Changing the Cybersecurity Landscape
The report identifies Artificial Intelligence (AI) asymmetry as one of the biggest emerging risks.
AI enables cybercriminals to:
- Launch sophisticated attacks faster.
- Automate phishing and malware.
- Conduct credential theft.
- Exploit cloud infrastructure with minimal resources.
As a result, offensive cyber capabilities are growing faster than defensive and regulatory mechanisms.
3. Shift in Nature of Cyber Attacks
Traditional hacking methods are being replaced by attacks that appear legitimate.
Common attack methods include:
- Social Engineering
- Credential Theft
- Supply Chain Attacks
- Cloud Exploitation
- AI-driven Fraud
These attacks often resemble:
- Genuine user sessions
- Approved digital payments
- Legitimate workflows
making them difficult to detect.
4. Anatomy of Cyber Failure Framework
A major feature of this edition is the introduction of the:
"4-Layer Gap Archetype Framework"
The framework helps institutions:
- Identify systemic weaknesses.
- Understand how cyber breaches escalate.
- Prioritize cybersecurity investments.
- Build stronger security architecture.
5. 18-Month Roadmap
The report recommends:
- Strengthening foundational cyber controls.
- Continuous risk assessment.
- Real-time monitoring.
- Improved information sharing.
- Coordinated incident response.
- AI-enabled cyber defence.
About CERT-In
| Full Name | Indian Computer Emergency Response Team |
| Parent Ministry | Ministry of Electronics & Information Technology (MeitY) |
| Established | 2004 |
| Legal Status | Designated under the Information Technology (Amendment) Act, 2008 |
| Headquarters | New Delhi |
| Role | National nodal agency for responding to cyber security incidents |
Functions
- Collection and analysis of cyber incident data.
- Issuing cyber alerts.
- Incident response coordination.
- Publishing security advisories.
- Vulnerability assessment.
- Cybersecurity awareness.
About CSIRT-Fin
Full Form
Computer Security Incident Response Team in Finance
Role
Sector-specific cybersecurity agency for India's financial sector.
Functions
- Cyber incident prevention.
- Threat intelligence.
- Incident response.
- Coordination among:
-
- Banks
- Insurance companies
- Securities markets
- Pension funds
- Issuing sector-specific cybersecurity advisories.
About SISA
- Global cybersecurity company specializing in the payments ecosystem.
- Operates in 40+ countries.
- Secures more than 1,000 organizations worldwide.
- Focus areas:
- AI Security
- Payment Security
- Digital Forensics
- Incident Response
Significance for India
- Strengthens cybersecurity in India's rapidly growing Digital Public Infrastructure (DPI).
- Protects the BFSI sector, which forms the backbone of the digital economy.
- Enhances resilience against AI-powered cyber threats.
- Supports secure digital payments under initiatives such as Digital India and UPI.
- Improves coordination among regulators, financial institutions, and cybersecurity agencies.
Challenges
- Increasing use of AI by cybercriminals.
- Sophisticated phishing and social engineering attacks.
- Supply chain vulnerabilities.
- Cloud security risks.
- Shortage of skilled cybersecurity professionals.
- Rapidly evolving threat landscape.
Way Forward
- Adopt Zero Trust Architecture.
- Increase AI-driven cyber defence mechanisms.
- Strengthen cyber threat intelligence sharing.
- Conduct regular cybersecurity audits.
- Enhance public-private collaboration.
- Build cyber awareness among financial institutions and customers.
- Implement continuous monitoring instead of periodic security assessments.









