Emerging Threats, AI Risks, and the Future of Digital Defense: Insights from Sundar Balasubramanian, Managing Director for India and South Asia at Check Point Software Technologies
With organizations facing an unprecedented surge in cyberattacks—averaging 3,291 attacks per week, significantly higher than the global average—the urgency for robust cybersecurity measures has never been greater. From AI-powered phishing scams to ransomware threats and deepfake frauds, cybercriminals are leveraging advanced technologies to outmaneuver traditional defenses.
In this interview with Sundar Balasubramanian, Managing Director for India and South Asia at Check Point Software Technologies, we delve into India’s evolving cybersecurity landscape, the impact of generative AI on cyber threats, and the strategies businesses must adopt to stay ahead of sophisticated attacks.
Could you provide an overview of the cybersecurity landscape in India as we stand today? What are the primary threats organizations are facing?
India’s cyber security landscape is evolving rapidly, driven by the country’s growing digital economy and increasing reliance on technology. However, this growth has also made Indian organizations prime targets for cyberattacks. According to Check Point’s Threat Intelligence Report, Indian organisations faced an average of 3,291 attacks per week in the last six months, significantly higher than the global average of 1,847, as per Check Point’s latest Threat Intelligence Report. The most heavily impacted industries in India are Healthcare with 8614 weekly attacks per organization, followed by Education/Research (7983) and Government/Military (4731). This alarming trend highlights the increased attack surface due to the rapid adoption of technologies such as electronic health records (EHRs), telemedicine, and Internet of Things (IoT) devices.
The primary threats in the current Indian landscape include ransomware, phishing, and advanced persistent threats (APTs), which have become more sophisticated with the integration of AI and automation by attackers. For example, ransomware attacks are now faster and more targeted, crippling businesses by encrypting critical data and demanding hefty payments. Phishing remains a gateway for most cyber incidents, with attackers using AI-generated emails and deepfake technologies to deceive users. Additionally, scams like “digital arrest” frauds, where individuals are impersonated through voice cloning or AI-generated content, are on the rise.
In 2024, APT36, a Pakistan-affiliated threat group, targeted India with the ElizaRAT, using cloud platforms like Google Drive, Telegram, and Slack for command and control. Furthermore, the rapid adoption of Internet of Things (IoT) devices, multi-cloud environments, and generative AI tools has expanded the attack surface for businesses, making them more vulnerable to data breaches and supply chain attacks.
There’s a growing concern about how generative AI is being leveraged by cyber attackers. Can you elaborate on how this technology is enabling more sophisticated attacks, and what countermeasures are being developed?
The rise of AI in cyber security is a double-edged sword. While it enhances defenses and improves security measures, it also empowers attackers to carry out more sophisticated and scalable cyberattacks. GenAI has automated phishing campaigns, making them more personalized and harder to detect. It enables cybercriminals to create hyper-realistic deepfakes and voice clones at a low cost, as seen during India’s elections, where deepfake technology was used to influence voters for as little as 8 INR (less than 0.10 USD). With the ability to analyze social media data and identify system vulnerabilities, attackers can now execute large-scale, targeted attacks with greater efficiency.
On the other hand, GenAI also plays a crucial role in strengthening cyber security. It enables faster detection of threats by analyzing massive datasets and automating responses, thereby reducing breach detection time. However, as cybercriminals increasingly leverage this technology for sophisticated malware and phishing attacks, organizations must remain vigilant. Adopting AI-driven threat intelligence tools, conducting regular audits, and training employees to recognize AI-powered scams are vital to mitigating these risks. By balancing the benefits and risks of GenAI, businesses can safeguard their digital infrastructure and stay ahead of malicious actors.
Looking towards 2025, what emerging trends in cybersecurity do you anticipate will impact Indian businesses the most? Are there specific threats or attack vectors you predict will rise in prominence in India by 2025? How should organizations prepare for these?
Indian businesses are expected to face a surge in sophisticated cyber threats by 2025, with ransomware and AI-driven attacks leading the charge. According to Cyberint (a Check Point Company)’s annual Ransomware Report 2024, India was one of the top 10 countries targeted by ransomware, with 99 known cases. Ransomware attacks will become faster and more precise, leveraging AI and automation to spread rapidly across networks. Phishing, often the entry point for ransomware, will evolve with AI-generated emails and deepfake impersonations, making scams more convincing than ever.
Additionally, generative AI will power large-scale attacks like voice cloning and “digital arrest” frauds, which already cost Indians over ₹120 crore in early 2024. Improper use of AI tools by employees could inadvertently expose sensitive data, while emerging quantum computing technologies may undermine traditional encryption systems, posing significant risks to industries such as finance and healthcare.
To address these challenges, organizations must adopt a multi-faceted approach. Proactive AI-driven defenses, such as AI-powered Security Operations Centres (SOCs), will be vital for real-time threat detection and automated responses. A Zero Trust security model, combined with robust training programs to combat phishing and deepfake threats, will be critical in reducing vulnerabilities. Companies must also prioritize securing IoT devices, implementing quantum-safe encryption, and ensuring comprehensive compliance with emerging regulatory standards. By integrating cybersecurity into their broader IT and risk management strategies, businesses can build resilience against the escalating threat landscape.
What specific AI technologies or initiatives is Check Point employing to enhance threat detection and response capabilities for Indian clients?
Check Point has led the way in integrating AI technologies to enhance threat detection and response capabilities. Since 2014, we have actively embedded AI into our security solutions, consolidating data to strengthen threat intelligence. At the core of our AI strategy is Check Point’s ThreatCloud AI, which powers over 40 AI engines and makes 2 billion security decisions every day. This underpins the AI-powered Infinity Platform, strengthened through partnerships with NVIDIA and Microsoft. In 2024, we launched the Infinity AI Copilot, automating 90% of routine security tasks to allow teams to concentrate on more strategic threats, while leveraging 30 years of data to proactively identify and resolve security issues. Our collaboration with NVIDIA on AI Cloud Protect ensures robust defense against complex cyber threats with efficient deployment across various AI environments. Additionally, tools like Check Point Harmony, integrated with Check Point Infinity, use contextual AI to tailor security measures and enforce granular policies based on user behavior, application risk, and device posture, significantly reducing the likelihood of high-risk activities along the attack surface.
Most recently, in November 2024, we also announced the new Check Point Quantum Firewall Software R82 (R82) and additional innovations for the Infinity Platform. R82 delivers new AI-powered engines to prevent zero-day threats including phishing, malware, and domain name system (DNS) exploits. The solution integrates AI to automate security management and accelerate threat resolution.
India is often highlighted for its tech talent. However, there’s talk of a cybersecurity skills gap. What is your perspective on this issue, and what steps is Check Point taking to address it?
India is facing a significant cybersecurity skills gap, ranking second globally in workforce shortages. As of 2024, there are about 4.8 million unfilled cybersecurity jobs globally, a 19% increase from 2023, reflecting the growing skills gap and a stagnant workforce. The demand for cyber security professionals has surged over the past 5-6 years, but the fast-evolving nature of cyber threats requires a workforce that can stay ahead of new challenges. As the digital landscape becomes more dynamic, the need for strong cyber security expertise intensifies, making the skills gap even more urgent.
At Check Point, we understand the pressing challenge of addressing the cyber security skills gap and have taken decisive steps to tackle it. In 2021, we launched Check Point Secure Academy, a global initiative offering free, high-quality cybersecurity education. Through partnerships with higher learning institutions and nonprofit organizations, Secure Academy empowers students and educators with essential skills and certifications to meet the rising demand for cybersecurity professionals. Since its inception, the program has engaged over 20,000 students, who have collectively spent more than 30,000 hours mastering self-paced content provided through a network of over 190 academic partners worldwide.
In 2024, we introduced a special program under Secure Academy, offering content and services valued at up to $60,000, further strengthening our commitment to bridging the global cyber security skills gap. Beyond education for students, we believe the industry must also prioritize upskilling existing professionals and making training programs more accessible to newcomers. Adopting a forward-thinking and comprehensive approach to training, education, and technological advancements in the industry can pave the way for a skilled workforce, whether they are just starting out or advancing mid-career. By focusing on strategic investments in education, partnerships, automation, and awareness, we can make significant strides toward achieving a secure and resilient digital future.