July 13, 2026 8:09 PM

printer

Govt Releases 2nd Digital Threat Report, Calls for Stronger Cyber Resilience in Financial Ecosystem

The Government today highlighted that cybersecurity risks in the financial services sector have evolved beyond data theft and isolated breaches. It noted that these risks now extend to transaction integrity, customer trust, operational continuity, third-party dependencies, decision-making systems and confidence in the digital infrastructure underpinning the economy.

 

The Ministry of Electronics and Information Technology (MeitY) informed this in the second edition of its Digital Threat Report 2025-26 for the Banking, Financial Services and Insurance (BFSI) and payments ecosystem. The report provides financial institutions, regulators and cybersecurity leaders with a comprehensive assessment of the evolving cyber threat landscape affecting banking, financial services, insurance and digital payments.

 

Identifying AI asymmetry as one of the defining risks confronting financial institutions, the report stated that cyberattacks which previously required specialist expertise, substantial resources and weeks of preparation can now be executed at machine speed by comparatively low-resource threat actors. It warned that offensive cyber capabilities are advancing faster than many existing defensive and regulatory mechanisms.

 

The report noted that cyber threats once regarded as emerging or sporadic, including social engineering, credential theft, supply-chain compromises and cloud exploitation, have now become established attack methods. It observed that the most damaging cyberattacks increasingly appear as legitimate user sessions, authorised payments or routine workflows, making them difficult to distinguish from genuine activity until significant damage has already occurred.

 

The report also outlined an 18-month roadmap for the financial sector, focusing on strengthening foundational security controls, developing continuous cyber resilience capabilities and building more resilient security architectures.
Addressing the launch of the report, Secretary, MeitY, S. Krishnan, said that trusted partnerships between public institutions and industry have become essential to strengthening digital trust as cyber threats grow increasingly sophisticated. He said the report reflects a significant collaboration among Indian Computer Emergency Response Team (CERT-In) and Computer Security Incident Response Team – Finance Sector (CSIRT-Fin), demonstrating how cybersecurity expertise developed in India can contribute to both national cyber resilience and the advancement of global cybersecurity knowledge.

 

Speaking on the occasion, the Director General of CERT-In, Dr. Sanjay Bahl said that as India’s financial ecosystem becomes increasingly interconnected, real-time and technology-driven, cyber resilience must be treated as a shared responsibility among institutions, regulators and the broader digital supply chain. He said the report underscores the need to move beyond periodic security interventions towards continuous risk assessment, coordinated response mechanisms and stronger information sharing.