SYLLABUS
GS-3: Basics of cyber security; role of social networking sites in internal security challenges.
Context: The Ministry of Electronics and Information Technology (MeitY), along with CERT-In, CSIRT-Fin and SISA, released the 2nd edition of the Digital Threat Report 2025–26 for India’s Banking, Financial Services and Insurance (BFSI) and digital payments ecosystem.
About the Report
- Released by MeitY, CERT-In, CSIRT-Fin and SISA for the BFSI and digital payments ecosystem.
- Provides an executive assessment of the evolving cyber threat landscape for financial institutions, regulators and cybersecurity leaders.
- Based on Digital Forensics and Incident Response (DFIR) research, CERT-In & CSIRT-Fin observations, and research on adversarial Artificial Intelligence (AI).
- Introduces the “Anatomy of Cyber Failure”, a 4-Layer Gap Archetype Framework explaining how modern cyber breaches occur through systemic weaknesses.
- Presents an 18-month roadmap to strengthen foundational controls, build continuous cyber resilience, and develop resilient security architectures.

Key Findings of the Report
- Cyber risks have expanded: Cybersecurity risks have evolved beyond data theft and isolated breaches.
- They now include transaction integrity, customer trust, operational continuity, third-party dependencies, AI models and confidence in digital financial infrastructure.
- AI Asymmetry: The report identifies AI asymmetry as the defining risk.
- Cyberattacks that earlier required specialist teams and weeks of effort can now be executed at machine speed by comparatively low-resource threat actors.
- Predictions realised faster: Six of the seven predictions made in the previous edition have already reached full-scale realisation.
- This shows that the time between the emergence of a threat and its operational exploitation has shrunk from years to months or even weeks.
- Emerging threats are now mainstream: Threats such as social engineering, credential theft, supply-chain compromise, cloud exploitation, Business Email Compromise (BEC), session hijacking and deepfake-enabled fraud have become established attack methods.
- Attacks exploit digital trust: Modern attacks increasingly appear as legitimate user sessions, authorised payments, normal workflows and trusted partner interactions.
- This makes them difficult to distinguish from genuine activity until significant damage has occurred.
- Systemic cyber risks: Cyber risks now extend across identity systems, AI models, real-time payment rails, cloud infrastructure, supply chains, APIs, partner platforms, machine identities and agentic AI.
- This makes cyber resilience a shared responsibility.
- India’s BFSI sector remains highly targeted: Cyberattacks on India’s BFSI sector are 1.6 times the global average.
- Incidents have increased from 1.4 million (2021) to 2.9 million (2025).
- Supply-chain compromise has become a major systemic cyber risk: A single compromised vendor can simultaneously affect multiple financial institutions.
- Ransomware groups are also increasingly shifting from file encryption to data theft and extortion.
- Attackers are moving faster than defenders: Zero-day exploitation windows have compressed from weeks or months to hours.
- The average time to identify and contain a breach remains around 263 days.
- Shift from static controls to continuous assurance: The report calls for a shift from periodic compliance-based security to continuous risk assessment, coordinated response, stronger information sharing and continuous assurance across the financial ecosystem.
- Anatomy of Cyber Failure: The report introduces the 4-Layer Gap Archetype Framework.
- It shows that modern cyber breaches result from a chain of Design, Enforcement, Signal and Response gaps rather than a single security lapse.
Way Forward / Recommended Priorities
- Phishing-resistant Multi-Factor Authentication (MFA).
- Passwordless authentication.
- Continuous risk assessment.
- Behavioural biometrics and continuous session assurance.
- Stronger identity governance covering human, machine and AI identities.
- Adversarial robustness testing before deploying AI in critical financial decisions.
- Migration towards post-quantum cryptography.
- Enhanced information sharing and coordinated incident response across the financial ecosystem.
