With the global surge in cyber threats, enterprises of all kinds are looking to AI to solve some of their issues conveniently. The same goes for Indian enterprises.
However, AI remains a double-edged sword that can both defend and attack digital infrastructure, creating a complex cybersecurity landscape for businesses to navigate.
The adoption of AI-powered security solutions is rising, but many organisations, especially small and medium-sized enterprises (SMEs), often lack clarity on when and where to implement these technologies effectively. Understanding this balance could be the key to robust cybersecurity frameworks for Indian businesses.
When to Use AI in Cybersecurity and When Not to
According to Binoy Koonammavu, founder and CEO of ValueMentor, a cybersecurity consulting and managed security services provider, AI implementation in security requires careful consideration.
“Artificial intelligence is something which both sides can utilise. It’s like a knife. You can use it for cutting the vegetables or cutting the veins,” he told AIM.
He explained that a critical factor is the availability of data. Without substantial data, AI platforms cannot add meaningful value to an organisation’s security posture. Companies must evaluate whether they have enough data to train AI systems effectively before implementing them. AI excels in scenarios requiring adaptation to new environments and processing large volumes of information.
Koonammavo further explained that email security is a prime example of a field in which LLMs can read messages, understand context, and determine potential threats more efficiently than rule-based systems.
“When it comes to an…email phishing attack, for example, ransomware attacks, there’s a lot of data available, and it requires adaptability when it comes to analysing the threat instead of being rule-based. It requires language models to read the email, understand the email, and decide whether it is a potential threat to the organisation or not,” he noted.
However, traditional rule-based approaches remain more effective for structured tasks like firewall configuration or access management. Organisations often fail to recognise this distinction, resulting in misguided AI implementations that deliver minimal security benefits.
The Balanced Approach to AI-Powered Cybersecurity
Koonammavu recommends a three-layered approach for organisations to protect themselves from AI-driven cyber threats: AI-driven security platforms and tools, well-defined use cases with rule-based solutions, and human oversight for critical judgment calls.
“The objective of artificial intelligence is not to replace people, but that’s how it is being portrayed in the market. And I think that’s…not right, because you need people to make risk judgments,” he emphasised.
This balanced approach is particularly relevant for Indian SMEs, which may not have the resources to build in-house AI capabilities. For these organisations, subscribing to AI-driven security services might be more practical than developing proprietary solutions.
He suggests that smaller organisations should look at AI-driven service providers to subscribe to a service. “They don’t have to build anything internally. They just need to subscribe so that 80%-90% of the improvements, in addition to the existing solutions, would come into those organisations.”
Furthermore, these AI-driven solutions can drastically improve the security posture of these companies.
Minimum Viable Security for Indian Organisations
A foundational issue for many Indian companies is the product-centric approach to cybersecurity without understanding the underlying value these solutions provide. The concept of “minimum viable security” offers a practical framework for organisations to establish baseline protection.
Minimum viable security refers to the essential safeguards an organisation needs to maintain business continuity.
“A lot of minimum viable security is driven today by a lot of compliance requirements. So if you go to a small community bank driven by a cooperative bank, for example, there are a number of controls that are pushed by the RBI or NABARD,” Koonammavu said.
However, compliance alone doesn’t guarantee adequate protection. Organisations must assess whether these controls are implemented and effectively mitigate relevant threats. This is where AI-augmented security services can help bridge gaps without requiring expensive in-house cybersecurity talent.
Koonammavu added that some organisations may not have the financial capacity to hire human resources to handle cybersecurity, and AI-driven solutions can come in handy.
He also highlighted that many Indian startups and SMEs are already adopting fractional cybersecurity leadership models and working with virtual Chief Information Security Officers (CISOs) through ValueMentor for a few days each month to establish and maintain appropriate security measures. This approach allows businesses to access senior expertise without the full-time cost burden.
As Indian enterprises advance digital operations, finding the right balance between AI implementation, traditional security controls, and human oversight will be crucial. The knife of artificial intelligence can indeed cut both ways—the difference lies in how organisations choose to wield it.
