Mon, 13 Jul 2026 · LIVE
Updated Jul 13, 2026 · 14:55
Computer News Updated Jul 13, 2026

Experts Warn: AI Asymmetry Is a Key Risk for Financial Institutions

Experts have identified AI asymmetry as a critical risk for financial institutions, where offensive capabilities are outpacing defensive measures. The second edition of the 'Digital Threat Report 2025-26' for the BFSI sector was released by the IT Ministry, CERT-In, CSIRT-Fin, and SISA. The report reveals that six of seven predictions from last year have already materialised, showing a rapid shift from threat emergence to exploitation. Collaboration between public and private sectors is emphasised to strengthen cyber resilience in India's interconnected financial ecosystem.

Experts highlight AI asymmetry among key risks facing financial institutions

New Delhi, July 13

Experts on Monday highlighted AI asymmetry as one of the defining risks facing financial institutions, saying that activities that once required specialist teams, significant resources and weeks of effort can increasingly be performed at machine speed by comparatively low-resource threat actors.

This is placing offensive capabilities on a faster development curve than many of the defensive and regulatory mechanisms designed to contain them, they said.

IT Ministry, along with the Indian Computer Emergency Response Team (CERT-In), the Computer Security Incident Response Team in Finance (CSIRT-Fin) and SISA, released the second edition of the 'Digital Threat Report 2025-26' for the Banking, Financial Services and Insurance (BFSI) and payments ecosystem.

"As cyber threats become increasingly sophisticated, trusted partnerships between public institutions and industry are essential to strengthening digital trust. The 'Digital Threat Report' represents a meaningful collaboration among CERT-In, CSIRT-Fin and SISA," said S. Krishnan, Secretary, MeitY,

This partnership demonstrates how expertise developed in India can contribute both to our national cyber resilience and to advancing cybersecurity knowledge globally, he told the gathering.

The report draws on extensive digital forensics and incident response (DFIR) research, analysis aligned with CERT-In and CSIRT-Fin observations, and research into adversarial AI.

Its central finding is that six of the seven forward-looking predictions made in last year's edition have already reached full-scale realisation.

This rapid progression demonstrates how the time between the emergence of a threat and its operational exploitation is shrinking, often from years to months or even weeks.

"The distance between innovation and exploitation has narrowed dramatically, and that single shift changes everything about how our industry must defend itself," said Dharshan Shanthamurthy, Founder and CEO, SISA, a global leader in cybersecurity for the payment ecosystem.

The report provides financial institutions, regulators and cybersecurity leaders with an executive assessment of the threats reshaping banking, financial services, insurance and digital payments.

Dr Sanjay Bahl, Director General, CERT-In, said that as India's financial ecosystem becomes more interconnected, real-time and technology-driven, cyber resilience must be treated as a shared responsibility across institutions, regulators and the wider digital supply chain.

— IANS

Reader Comments

Sarah B

Interesting report. The fact that 6 out of 7 predictions from last year have already come true shows how quickly the threat landscape is evolving. Financial institutions need to invest more in AI-driven defense systems rather than just relying on traditional compliance frameworks.

Vikram M

Good initiative by MeitY and CERT-In. But I'm skeptical about how many small banks and NBFCs will actually implement these recommendations. They barely have proper IT infrastructure, forget about AI defenses. RBI should mandate stricter compliance deadlines.

James A

The asymmetry problem is real. As a cybersecurity professional, I see attackers using generative AI to craft phishing emails that are almost indistinguishable from genuine ones. Banks need to move from reactive to proactive defense. This report is a wake-up call for the entire BFSI sector.

Priya S

The collaboration between CERT-In, CSIRT-Fin, and SISA is encouraging. But I hope this isn't just another report that gathers dust on shelves. We need actionable guidelines and regular audits for banks. Also, public awareness about AI-powered threats is equally crucial. 📱🔒

Michael C

Shrinking from years to weeks? That's terrifying. Financial institutions are still struggling with basic cybersecurity hygiene like patching and multi-factor authentication. If low-resource threat actors can now operate at machine speed, we're in trouble. The industry needs a paradigm shift.

We welcome thoughtful discussions from our readers. Please keep comments respectful and on-topic.

Reader Voices

Leave a comment

Be kind. Add to the conversation. 0/50
Thank you — your comment has been submitted.
JS blocked