Fact Check
Why Cybersecurity Budgets Are Set to Soar in 2025: Key Reasons Explained
In the digital age, cybersecurity has become increasingly critical—and expensive. India’s Expenditure Budget for the Indian Computer Emergency Response Team (CERT-In) and other cybersecurity projects has doubled to approximately Rs 1,000 crore in 2024-25, compared to Rs 500 crore in 2021-22, and under Rs 100 crore before 2018-19. While this now accounts for 4.5% of the Ministry of Electronics and Information Technology’s budget—up from 2% in 2017-18—the question remains: Is it enough to combat the ever-evolving cyber threats?
Growing Cyber Threats and Financial Losses
India’s digitization has made life more convenient, but it comes with a growing risk of cyberattacks. Fraudulent activities, including bank fraud, hacking, and UPI phishing, have surged. According to the Reserve Bank of India, financial frauds involving amounts of Rs 1 lakh and above caused losses of Rs 177 crore in 2023-24. This marks a significant rise from Rs 50 crore in 2020-21 and Rs 80.33 crore in 2021-22. These figures do not account for the thousands of smaller frauds below Rs 1 lakh, reflecting an alarming trend in cybercrime.
Registrations Open for FutureCrime Summit 2025: India’s Largest Conference on Technology-Driven Crime
The Rising Cost of Data Breaches
India also recorded its highest-ever average data breach cost of Rs 19.5 crore in 2024, as per IBM’s Cost of a Data Breach Report. This marks a 39% increase since 2020 and a 9% rise from the previous year. Phishing and stolen credentials were the leading causes of breaches, accounting for 18% each, followed by cloud misconfigurations (12%). Business email compromise emerged as the costliest type of breach, with an average impact of Rs 21.5 crore, followed by social engineering (Rs 21.3 crore) and phishing (Rs 20.9 crore).
CERT-In’s Role in Cybersecurity
As India’s national cybersecurity agency, CERT-In plays a pivotal role in combating cyber threats. It monitors and disseminates information on cyber incidents, issues alerts and advisories, and conducts mock drills to test organizations’ cyber preparedness. Meanwhile, broader cybersecurity projects aim to secure the nation’s cyberspace through initiatives such as security policy development, incident response, compliance, and legal frameworks.
The Corporate Perspective
The escalating threat landscape has become a top concern for business leaders. A PwC report, Bridging the Gaps to Cyber Resilience: The C-suite Playbook, revealed that cybersecurity ranks as the highest risk mitigation priority for executives, ahead of inflation and environmental risks.
The Future of Cybersecurity in India
As technology advances, cyber-attacks are evolving beyond financial fraud to threaten national security. The integration of generative AI and the increasing reliance on cloud storage pose additional challenges. Gartner predicts that by 2027, 17% of cyberattacks globally will involve generative AI, further straining cybersecurity defenses.
While India’s increased investment in cybersecurity is a step in the right direction, the growing sophistication of cybercriminals demands greater vigilance, advanced tools, and robust policies to ensure the safety of individuals, businesses, and the nation.
