20-05-2025
India Leads Asia-Pacific in Cybersecurity Maturity: Report
AI-driven cybersecurity investments set to rise by 41.45 per cent in India; cyber budgets now account for 13 per cent of company revenue
You're reading Entrepreneur India, an international franchise of Entrepreneur Media.
India has topped the cybersecurity maturity rankings across the Asia-Pacific and Japan (JAPAC) region, according to Palo Alto Networks' Cybersecurity Resilience in Mid-Market Organisations report. With a score of 20.3 out of 25, India surpassed the regional average of 19.01, indicating robust progress in areas such as cybersecurity strategy execution, business integration, and operational capability. The report reflects a growing shift towards AI-driven defence strategies, even as several challenges remain.
Cybersecurity budgets among Indian mid-market firms now represent 13 per cent of overall revenue. Investment in specific AI capabilities is projected to increase by 41.45 per cent, alongside similar growth in security software (41.45 per cent) and cyber insurance (39.14 per cent). However, many organisations are still in the early stages of embedding AI within their security workflows, with gaps in incident recovery and resilience persisting.
"Cybersecurity is no longer just an IT issue, it's a business priority. As threats grow more sophisticated and AI reshapes the threat landscape, our benchmark study reveals that many mid-market organisations are still catching up," said Michelle Saw, Vice President, Ecosystems, Asia-Pacific and Japan, Palo Alto Networks.
The report also underscores the increasing importance of external partners in managing cybersecurity. Currently, 69 per cent of Indian organisations rely on partners, this figure is expected to rise to 77 per cent over the next 24 months. Across the wider region, reliance on partners is set to increase from 53 per cent to 79 per cent in two years.
Despite growing awareness and investment, AI was cited as one of the lowest-performing areas in current cybersecurity frameworks. Over the next two years, cloud security, identity and access management (IAM), and security information and event management (SIEM) are expected to be the top priorities for investment.
Commenting on the findings, Tim Dillon, Founder and Principal Analyst at Tech Research Asia, said, "The research indicates that mid-market organisations in the region have made notable advancements in strengthening their cybersecurity posture. However, there remains substantial opportunity for partners to support continued progress, particularly in the areas of workforce education and training, identity and access management, and application and data security."
The study further found that the implementation of frameworks like NIST 2.0 remains inconsistent across the region, with financial services, telecommunications, and utilities leading in adoption. The report recommends a platform-based approach with integrated AI capabilities to address operational complexity and strengthen overall cyber resilience.
