- CyberComm 2026: National Cyber Security Coordinator Calls Cyber Security a Boardroom Priority
- “India’s Digital Public Infrastructure Is the World’s Envy — and It Must Be Secured”
- “2026 Cannot Be Played with the Playbooks of 2019”: Cyber Security Takes Centre Stage at CyberComm 2026
- Highlights AI, Quantum Computing and Supply Chain Risks at CyberComm 2026
By Sangeeta Saxena
New Delhi. 21 May 2026. As India rapidly expands its digital footprint across governance, finance, infrastructure, transportation and commerce, the country must prepare itself for increasingly sophisticated cyber threats through a coordinated national effort involving government, industry and technology stakeholders. This was the central message delivered by Navin Kumar Singh, National Cyber Security Coordinator, Government of India, during his keynote address at CyberComm 2026 organised by FICCI.
Delivering the keynote address at CyberComm 2026 organised by FICCI, Navin Kumar Singh, National Cyber Security Coordinator, Government of India, highlighted India’s remarkable digital transformation journey and stressed the urgent need to secure the country’s rapidly expanding digital ecosystem against evolving cyber threats. He underlined how India’s Digital Public Infrastructure (DPI), growing startup ecosystem, digitisation of critical sectors, and increasing dependence on connected technologies have created unprecedented opportunities while simultaneously expanding the cyber threat landscape.
Speaking on the importance of cyber resilience, Singh called for stronger public-private collaboration, board-level prioritisation of cyber security, indigenous product development, and accelerated preparedness for emerging technologies such as Artificial
Highlighting India’s unprecedented digital transformation journey, Singh said the country has successfully created one of the world’s most inclusive and democratic digital ecosystems through its Digital Public Infrastructure (DPI) architecture. However, he cautioned that the scale and success of India’s digital ecosystem have also made it an attractive target for cyber adversaries ranging from organised cybercriminal networks to state-sponsored actors.“What India has achieved in digitalisation is phenomenal. It is something the world envies — and therefore it is something we must protect,” Singh stated.
Singh explained that India’s DPI approach has emerged as a globally recognised model because it combines the strengths of both public and private participation while maintaining interoperability and openness.“The Digital Public Infrastructure stack that India has created combines the best of public and private provision. It allows interoperability, innovation and participation from both government and market players,” he said.
According to Singh, unlike purely state-controlled or fully privatised digital ecosystems, India’s model enables both government and market applications to function on shared interoperable infrastructure, encouraging innovation and broad-based participation. “In a public-only model, everything remains controlled through government systems. In a private-only model, private technology companies dominate through closed platforms. India’s DPI approach is unique because it creates an open and interoperable ecosystem where innovation can flourish,” he added.
India’s digital journey has been powered by large-scale public digital platforms such as Aadhaar, DigiLocker, UPI and other citizen-centric services. Singh highlighted the exponential growth in digital adoption across sectors. “DigiLocker registrations have increased 7.3 times in the last five years, reflecting the pace at which citizens are embracing digital systems,” he noted. The success of India’s digital infrastructure was especially visible during the COVID-19 pandemic, when the country successfully managed one of the world’s largest vaccination drives using digital platforms.
“During the pandemic, while much of the world was struggling, India was able to deliver 2.15 billion vaccine doses in just two years because of the digital infrastructure we had built,” Singh said. He further pointed out that India’s digital economy is rapidly becoming a major pillar of national growth.
“We have moved from an offline, cash-driven, informal and low-productivity economy to an open, cashless, formal and high-productivity economy,” he remarked. “India’s digital economy is already around 12 per cent of GDP and is expected to reach nearly 20 per cent by the end of this decade.” Singh observed that digitalisation is no longer limited to governance and fintech, but is now deeply integrated into critical infrastructure sectors including power, transportation, ports, railways, telecom and aviation. “In the power sector, technologies such as SCADA systems, smart meters, smart grids and cloud computing are being increasingly integrated into generation, transmission and distribution systems,” he said.
He added that airports, air traffic control systems, metros and railways are increasingly dependent on automation and connected digital systems for efficient operations.“With the advent of 5G and future 6G technologies, low latency and high bandwidth networks will drive industrial, healthcare and IoT applications on a massive scale,” Singh stated. The National Cyber Security Coordinator also highlighted the transformative potential of Open Network for Digital Commerce (ONDC).“Open Network for Digital Commerce will bring millions of retailers into the e-commerce ecosystem,” he said.
Globally, cyber threats have evolved into one of the most serious security and economic challenges confronting governments and businesses alike. Ransomware attacks, cyber espionage, data theft, attacks on critical infrastructure and AI-driven cyber operations are increasing in both frequency and sophistication. Countries across the world have witnessed attacks targeting power grids, healthcare systems, financial institutions and government databases. The emergence of ransomware-as-a-service models, state-sponsored cyber campaigns, dark web marketplaces and AI-assisted attack tools has significantly lowered the barriers for cybercriminals while increasing the scale of disruption that cyber attacks can cause. The growing interconnectedness of supply chains and cloud infrastructure has further expanded the attack surface globally.
Singh warned that India is already witnessing a steep rise in cyber incidents and cyber crimes.“The cyber threats we are discussing today are not hypothetical. They are real, impactful and already causing substantial damage to businesses,” he said. “There has been a massive increase in cyber incidents and cyber crimes in India over the last few years, even though many incidents still go unreported.” According to Singh, the threat spectrum now includes state-sponsored attacks, ransomware operations, cyber espionage campaigns, data breaches and attacks targeting supply chains. “Supply-chain attacks are particularly worrying because attackers are increasingly targeting service providers who cater to multiple organisations, thereby gaining access to a large number of companies at once,” he explained.
He also highlighted concerns related to intellectual property theft and corporate espionage. “Stealing intellectual property, research data and corporate espionage are also becoming serious concerns,” he added. India’s increasing dependence on digital infrastructure across banking, telecom, transportation, healthcare and government services makes cyber resilience an urgent national priority. Experts believe that attacks on critical infrastructure can potentially disrupt essential services, economic activity and public trust at scale.
One of the most significant concerns raised during the keynote address was the rapidly evolving role of Artificial Intelligence and quantum computing in the cyber domain. “Artificial Intelligence is emerging as one of the biggest new threat dimensions,” Singh said. “It is widely believed that open-source AI models are rapidly approaching the capabilities of frontier systems, and therefore the window available for us to prepare is becoming very short.”
AI-enabled cyber attacks can automate phishing campaigns, vulnerability detection, malware development and deepfake-based fraud operations, making attacks more scalable and difficult to detect. Singh also warned about the long-term implications of quantum computing. “Quantum computing is another major future threat. The transition to post-quantum cryptography itself may take five to ten years, which means preparations must begin immediately,” he stated.
India’s legal framework for addressing cyber crimes and cyber security threats is primarily governed by the Information Technology Act, 2000, along with provisions under the Bharatiya Nyaya Sanhita (BNS), the Digital Personal Data Protection Act, 2023, and sector-specific regulatory guidelines. The Information Technology Act provides legal recognition to electronic records and digital signatures while criminalising offences such as hacking, identity theft, data theft, cyber fraud and cyber terrorism. Agencies such as CERT-In (Indian Computer Emergency Response Team), the National Critical Information Infrastructure Protection Centre (NCIIPC), and cyber cells within law enforcement agencies play a key role in incident response, investigation and coordination. Victims of cyber frauds and cyber crimes can report incidents through the National Cyber Crime Reporting Portal and specialised cyber police units operating across states.
The Government of India has significantly strengthened cyber security regulations and institutional frameworks in recent years to combat emerging threats. CERT-In directions mandate organisations to report cyber incidents within stipulated timelines and maintain extensive log retention mechanisms. The National Cyber Security Policy, sectoral cyber security frameworks, data localisation initiatives and critical infrastructure protection measures have collectively expanded India’s cyber preparedness. The National Quantum Mission and IndiaAI Mission are also aimed at strengthening domestic capabilities in emerging technologies. In addition, regulatory bodies including the Reserve Bank of India (RBI), SEBI, IRDAI and the Ministry of Power have issued sector-specific cyber security guidelines for financial institutions, stock exchanges, insurance providers and critical utilities. The government is increasingly encouraging indigenous cyber security product development and public-private collaboration to reduce dependence on external technologies.
Calling for stronger corporate accountability, Singh stressed that cyber security can no longer remain merely an IT department concern. “Cyber security must become a board-level agenda,” he asserted. “Unless top management is fully sensitised and sees cyber security as a strategic business risk, organisations will remain vulnerable.” He urged businesses to invest in cyber security talent, research and development, and resilient organisational processes. “The more layers of security you create, the greater your chances of delaying attackers and detecting them before they cause serious damage,” Singh said.He also highlighted the importance of information sharing between organisations and industry bodies. “One of the most important requirements today is information sharing within industry,” he said. “Many cyber incidents, including ransomware attacks, never enter official statistics because companies hesitate to share information.” According to Singh, industry-led information sharing and analysis centres can significantly strengthen collective cyber resilience by enabling organisations to share threat intelligence and best practices.
At the national level, Singh advocated a collaborative and integrated approach involving all stakeholders. “A whole-of-society approach is the only way forward for cyber security,” he said. “We are trying to build a comprehensive national situational awareness framework so that all entities are better prepared to defend themselves.” He further emphasised the need to strengthen India’s indigenous cyber security ecosystem. “We need greater investments in indigenous research and development because our long-term goal is to build and promote the Indian technology stack,” he remarked. “The certification, testing and cyber security infrastructure ecosystem in India also requires significant strengthening.”
Singh stressed that India must transition from a predominantly IT services-driven ecosystem to a globally competitive product innovation ecosystem. “We also need to move from a services-led IT industry to a product-driven technology ecosystem,” he said. “Without taking risks and moving decisively into the product domain, it will be difficult for India to achieve the next stage of technological leadership.” On emerging technologies, he said India is already laying the groundwork for future cyber resilience through the National Quantum Mission.
“We want the transition to post-quantum cryptography to happen through indigenous Indian products and technologies,” Singh stated. “The National Quantum Mission is working towards building domestic post-quantum encryption capabilities so that India is not dependent on external systems.” He also emphasized on the importance of leveraging AI defensively. “We must use AI to counter AI. That is one of the pressing requirements of our time.”
Concluding his keynote address, Singh reaffirmed the Government of India’s commitment to supporting the cyber security ecosystem through collaboration and policy support. “The government is fully prepared to support the ecosystem, but industry participation and risk-taking will be equally important,” he said. “With collective efforts and collaboration, I am confident India will move strongly in this direction.” He emphasised that India’s extraordinary digital transformation has created both immense opportunities and equally significant cyber security challenges. He called for a collaborative “whole-of-nation” approach involving government, industry, academia and technology stakeholders to build resilient cyber defence mechanisms. Stressing the importance of indigenous innovation, AI-driven security systems, post-quantum preparedness and information sharing, Singh urged Indian industry to transition from a services-based model to a globally competitive product ecosystem. He reaffirmed the Government of India’s commitment to supporting the cyber security ecosystem through partnerships, policy support and technological advancement.
