Digital Threat Report 2025–26

  • 14 Jul 2026

On 13th July 2026, the Ministry of Electronics and Information Technology (MeitY), along with Indian Computer Emergency Response Team (CERT-In), the Computer Security Incident Response Team in Finance (CSIRT-Fin) and SISA, released the second edition of the Digital Threat Report 2025–26 for Banking, Financial Services and Insurance (BFSI) and payments ecosystem.

Key Points

  • Purpose: The report assesses emerging cyber threats and provides strategic guidance for the Banking, Financial Services, Insurance (BFSI) and payments sector.
  • Key Finding: Six of the seven cyber threat predictions made in the previous edition have already materialised, highlighting rapidly evolving cyber risks.
  • AI Asymmetry: The report identifies AI-driven cyberattacks as a major emerging threat, enabling attackers to operate faster and at lower costs.
  • Threat Trends: Social engineering, credential theft, supply-chain attacks and cloud exploitation are now established cyberattack methods.
  • Cyber Failure Framework: The report introduces a four-layer "Anatomy of Cyber Failure" framework to identify systemic vulnerabilities leading to cyber breaches.
  • Roadmap: It outlines an 18-month roadmap to strengthen foundational security controls, continuous risk assessment and cyber resilience.