India: The next technological hub

India’s Digital Industry has been a global outperformer in demand growth and shareholder wealth creation for a decade. Its strong starting point could make it the next Digital Technology Hub.

 India’s IT Spending to be $138 Bn in FY’2024 growing at 11.1% CAGR driven by AI and focus on profitability. The Indian digital sector has surpassed all shareholder expectations, outpacing not only the broader equity market but also most of its related industries starting from 0.1 Tn in 2014 and now pacing towards USD 1 Tn by 2030. This remarkable growth has been fueled by steady revenue increases, improved profit margins, and a rise in leveraged technologies like AI/ML, Cloud, IoT, etc.

The sector is shown to grow on an advancing level with 49% of the share of Global 130 Mn Real-Time Payments in FY’2024. Volume of $116 Bn Digital Transactions in India during FY’2024 (Till 31st Dec 23) growing at 45% CAGR and the Value of $60 Bn B2C E-commerce Gross Merchandise Value in FY’2024 expected to grow 6x by 2030. Hand in hand Cybersecurity concern is also getting a momentum in the Digital Economy. The growing tech climate is raising concerns with cybersecurity incidents growing at CAGR of 50.3% CAGR. This outburst is caused by a range of factors:

1. Increased Investment in Cloud Computing by 84%: In India, 84% of companies are investing in cloud technology. Compliance with data protection laws adds further complexity to cybersecurity strategies. The shift to cloud services creates complex interconnections that are vulnerable, making significant investments in cybersecurity essential.
2. IT Investments and Modernization: Each new system or device can introduce vulnerabilities that attackers can exploit, thereby complicating the security landscape for organizations. Examination of Major Malware Subtypes in India constitute 64.7% of ransomware followed by 14.6% of Spyware, 11.8% of Viruses, and 8.8% of Trojans.  
3. Share of Hybrid Workforce led to twofold security incidents:  Our calculations revealed that 82% of Indian organizations have experienced at least a twofold increase in security incidents due to the hybrid work model. This includes a notable rise, with 33% YoY increase in several cyberattacks in India in Q1 FY’2025.
4. Public Digital APIs exceeded by $ 22 billion: In India, users account for 20% of those affected by cyber threats, with 22.9% experiencing attacks originating from the web. Spending on public digital APIs has exceeded $22 billion, increasing the attack surface for organizations as these APIs serve as gateways to critical systems and data. Their internet exposure makes them attractive targets for cybercriminals.

An analysis of India’s competitiveness

This section analyzes India’s competitiveness in chemicals across three categories: Talent, Landscape, and Regulatory.

1. Talent availability: India is self-sufficient in availability of talent but lacks in the quality of training programs. India has a vast pool of skilled professionals in IT and cybersecurity. However, as the digital landscape grows, so do vulnerabilities of training and educating. $ 1.8 Bn aims to booster to scale up digital skilling, cybersecurity, e-governance services and development of AI.
2. Competitive landscape: India has a number of competitive players in the market but lacks in making efficient decisions. Major companies like Broadcom, CrowdStrike, ardent, BYTESEQ, Arrka, and DBAUX with market share of 400 Mn in FY 2024 lags behind in data security, application security, identity and access management etc.
3. Regulatory Compliance: India is efficient in risk mitigation but the compliance burden overpowers its efficiency. The costs associated with compliance management systems, training, and legal advice can strain budget. The Penalty of $ 30 Mn in case of failure to implement security safeguards under Digital Personal Data Protection Act (DPDP), 2023 is one of the compliances to monitor safety standards.

Phishing And Ransomware

Record Number of Cyberattacks: In 2023, Indian websites and applications faced an alarming 5.14 billion cyberattacks, underscoring the escalating threat environment for businesses and organizations across various sectors.

1. Attack Vectors: The majority of these attacks stem from specific sources:

• 12.5% originated from email
• 10% from software vulnerabilities
• Other attacks exploited applications

2. Threat Actors: The surge in cyberattacks can be attributed to various threat actors, including:

• Cybercriminals: 20%
• Hackers: 16%
• Advanced Persistent Threats (APTs): 15%
• Insider Threats: 14%
• Malware Developers: 12%

Types of Attacks: Among the various types of attacks, phishing and ransomware have emerged as particularly prevalent, accounting for 28% of all cyber incidents in India. This trend emphasizes the need for organizations to adopt comprehensive security strategies to combat these common threats.

Sector Vulnerability: The healthcare sector has been especially vulnerable, with 100% of its websites experiencing bot attacks. Other sectors, such as education, consulting, and government, are also facing significant attack rates, indicating a widespread issue that requires immediate attention.

Social engineering has emerged as the costliest root cause of data breaches in India, averaging around $2.3 million per incident. Alarmingly, 32% of critical vulnerabilities remain open for over 180 days, while 33% are exposed for more than 90 days. India accounts for 13.2% of total Distributed Denial of Service (DDoS) attacks globally, making it the second most targeted nation after the United States.

Benchmarking India’s Manufacturing Competitiveness in the Digital World

While it is clear that the Indian Digital sector is geared up for an advancing growth, its cybersecurity concerns is less clear. Benchmarking the sector against five global Digitals clusters—Japan, China, South Korea, United Kingdom—across number of variables shows that though India is more or equally competitive on most counts, other countries have a competitive edge over India in a few crucial respects.

Potential winning opportunities in India’s Digital and Cybersecurity sector

Today, the Indian digital industry presents numerous opportunities for scaling businesses across various specialties and segments. To effectively identify these opportunities, it is essential to strike the right balance between market attractiveness and cost competitiveness. Cost competitiveness is typically influenced by dynamic landscape, intricate IT structures and algorithms, and, most importantly, budget considerations. Along with everything there is a significant untapped accessible market for cybersecurity providers in India.

1. Dynamic Landscape to reach $1.49 billion: India's cybersecurity market is on a remarkable growth trajectory, fueled by the rapid pace of digital transformation and the escalating threat of cyberattacks. It is expected to reach around $1.49 billion in FY 2024, with a compound annual growth rate (CAGR) of 32% projected through FY 2030. This surge in the market is anticipated to generate approximately 1.5 million new job opportunities by FY 2026.
2. Intricate IT structures backed by $59 billion: Improved reporting practices have emerged, with 20% of users successfully identifying phishing attempts during simulation tests. Additionally, digital spending of $59 Billion in FY’2027 growing at a CAGR of 10% driven by AI adoption indicates a growing awareness and proactive stance among employees.

Implications for Indian and global companies to reflect on

India possesses significant potential in the digital realm, driven by a rapidly expanding digital economy, a vast consumer base of over 830 million internet users, and government initiatives like the Digital India program. Emerging technologies such as AI, blockchain, and IoT projects indicate that digital applications could contribute $335 billion to $435 billion to the economy by 2025. Additionally, programs like Aadhaar and the Pradhan Mantri Grameen Digital Saksharta Abhiyan are bridging the digital divide and empowering citizens.

Questions to be addressed

Global Tech companies interested in entering or scaling up their businesses in India should, however, strategically ponder upon several questions, such as: What are the current regulations governing digital services, data protection, and competition in India? How will upcoming legislation, such as the Digital Personal Data Protection Act, impact our operations? What are the potential costs associated with entering the Indian market, including compliance, marketing, and operational expenses? Are there local funding opportunities or incentives from the government for tech companies?

Similarly, Indian Tech companies need to reflect upon numerous questions, such as: What are the specific needs and preferences of Indian consumers? How do they differ across diverse regions and demographics? What emerging technologies (e.g., AI, IoT) should we leverage to enhance our products or services and stay competitive in the rapidly evolving digital landscape? How can we enhance digital adoption across various sectors?