As AI adoption accelerates and digital infrastructure expands, cybersecurity has quietly become one of the biggest boardroom concerns across India Inc.
For years, cybersecurity was treated as an IT department issue. Today, it is increasingly a CEO and board-level priority. The reason is simple: the digital economy has dramatically expanded the attack surface for businesses. From banks and telecom operators to manufacturers and IT services companies, every enterprise is becoming a technology company, and therefore a cybersecurity target.
The latest Q4 FY26 earnings season offered an interesting glimpse into this shift. While few companies openly discuss cyber threats or ransomware incidents on earnings calls, management teams repeatedly highlighted “digital resilience”, “cloud modernisation”, “AI governance”, “secure infrastructure” and “technology resilience” as critical investment areas. The language may have changed, but the message is clear: companies are spending to stay ahead of cyber risks.
The strongest signal came from Tech Mahindra. During its Q4 discussions, management spoke about helping customers accelerate innovation while “strengthening digital resilience and delivering AI led operational efficiencies.”
The trend is equally visible at Tata Consultancy Services. While discussing FY26 performance, the company highlighted strong demand for enterprise transformation, cloud modernisation and AI deployments. Historically, cybersecurity has been one of TCS’s fastest-growing service lines, and management continues to view security as an integral component of large digital transformation programs.
At Wipro, CEO Srini Pallia told investors that geopolitical and policy disruptions have become the “new normal” and that cloud, data and AI continue to attract investments because they provide the infrastructure for future growth. Such projects increasingly require cyber protection, governance frameworks and security monitoring capabilities.
Why boards are worried
Three factors are driving cybersecurity higher on corporate agendas.
First, AI is creating new vulnerabilities. As enterprises deploy AI copilots, large language models and autonomous agents, protecting sensitive data has become more complex. Every AI deployment introduces questions around access control, data leakage and model security.
Second, regulation is tightening. RBI, Sebi, CERT-In (Indian Computer Emergency Response Team) and global regulators are pushing companies to improve cyber resilience, incident reporting and data governance practices.
Third, cyberattacks are becoming more sophisticated. Ransomware gangs are targeting critical infrastructure, financial institutions and supply chains. Even a short disruption can cause reputational damage, regulatory scrutiny and financial losses.
The sectors most exposed
Banks and financial institutions arguably have the most to lose. India’s digital payments ecosystem processes billions of transactions each month, making cybersecurity investments non-negotiable.
Telecom operators face similar challenges. As networks become critical digital infrastructure and AI-enabled services expand, securing customer data and network assets has become essential.
IT services companies sit at the centre of the ecosystem. Firms such as Infosys, HCL Technologies, LTI Mindtree, Mphasis and Coforge are helping global clients modernise technology stacks while simultaneously strengthening security frameworks. The more enterprises digitise, the more cybersecurity becomes embedded in every transformation project.
From cost centre to growth engine
Perhaps the most striking takeaway from Q4 earnings calls is that cybersecurity is no longer being discussed as a compliance expense. It is increasingly being positioned as a business enabler.
Companies pursuing AI adoption, cloud migration, automation and digital customer engagement cannot do so without investing in cyber resilience. For technology providers, cybersecurity has become a growth opportunity. For enterprises, it has become a survival requirement.
The result is a structural shift in spending priorities. Even when discretionary technology budgets are under pressure, cybersecurity remains one of the last areas companies are willing to cut.
That is why, across boardrooms from Mumbai to Bengaluru, cybersecurity is no longer just an IT conversation. It is becoming a business continuity strategy, a regulatory necessity and, increasingly, a competitive advantage.
