Padma Jaiswal, a 2003-batch IAS officer from the AGMUT cadre, holds an MBA from Panjab University and a degree in Company Secretaryship. She has held significant roles in the Union and State governments, public-sector companies, and regulatory institutions like RBI, SEBI, and the Election Commission. Currently serving as Secretary to the Government for Union Territories and States, her responsibilities include policy formulation, implementation, and key decision-making within her jurisdiction in coordination with relevant ministers or the Council of Ministers.
As the world increasingly adopts AI, 5G, and Quantum Computing, these technologies provide new opportunities across various industries while exposing nations to more sophisticated cyber threats. Sectors such as finance, healthcare, critical infrastructure, and smart cities face unique risks associated with these advancements. Different countries, including India, are addressing these challenges in various ways. To effectively mitigate these risks, a combination of regulatory frameworks, public-private collaboration, and innovative cybersecurity solutions is essential. In the following sections, we will explore the implications of these technologies with use cases from India and around the world, highlighting both shared challenges and distinct responses.
AI: Enhancing Defences and Enabling Attacks
AI has a dual nature: it can strengthen cybersecurity while empowering cybercriminals. Governments and businesses globally are using AI-based tools to detect threats and predict cyber incidents. For instance, CERT-In in India utilises AI to monitor government networks, and AI-driven fraud detection tools help protect banking operations from phishing and identity theft.
On the other hand, cybercriminals also exploit AI to carry out targeted phishing attacks and create deepfake frauds. In India, hackers used AI to replicate bank communications, tricking customers into disclosing their account credentials. Similarly, in the UK, cybercriminals employed deepfake audio technology to impersonate a CEO, resulting in a fraudulent transfer of over $243,000. These incidents highlight that while AI strengthens cyber defences, attackers use it to devise more complex and personalised threats, making cybersecurity a continuous challenge.
Globally, the response includes AI regulation and collaborative defence frameworks. India’s push for robust AI governance aligns with efforts in Europe where the EU’s AI Act seeks to ensure the ethical and secure use of AI in high-risk applications.
5G Networks: Expanding Connectivity and Increasing Vulnerabilities
The rollout of 5G networks introduces new risks due to the rapid increase in Internet of Things (IoT) devices connected to critical infrastructure. In India, cities like Pune and Bengaluru utilise 5G-powered IoT systems to manage traffic, utilities, and healthcare services. However, if IoT devices are compromised, it could disrupt essential services. For example, in Delhi, an IoT-enabled ventilator in a hospital was targeted by attackers, putting patients at serious risk.
Similar vulnerabilities have arisen globally. In Finland, a distributed denial-of-service (DDoS) attack on IoT-connected security cameras compromised the surveillance system of a major hotel, demonstrating how cyber-attacks on smart systems can affect safety and operations. In the United States, telecom operators continue to experience persistent DDoS attacks on their 5G infrastructure, causing disruptions across multiple States.
To mitigate these risks, India must implement IoT security standards and adopt zero-trust frameworks. Other countries are taking similar measures: Japan has put strict IoT security policies in place ahead of the 2020 Olympics, while South Korea has mandated zero-trust protocols for its 5G networks to prevent unauthorised access and insider threats.
Quantum Computing: Threats to Encryption and Development of New Defenses
Quantum computing poses a significant threat to traditional encryption methods, raising concerns about the security of financial data, defence communications, and personal information. India’s financial systems, which rely on encryption to secure Aadhaar-linked accounts, are particularly vulnerable to attacks enabled by quantum computing. Hackers could steal encrypted data today and decrypt it in the future, jeopardising national security and financial stability.
Similar challenges are being addressed globally. In the United States, the National Institute of Standards and Technology (NIST) is leading efforts to develop post-quantum cryptography standards to protect critical infrastructure from future threats. Meanwhile, China is making substantial investments in quantum technologies, heightening concerns about an encryption arms race among global powers.
India has already begun preparing for a quantum future. In 2022, the Indian Space Research Organisation (ISRO) successfully conducted a Quantum Key Distribution (QKD) test between two cities, demonstrating progress toward creating secure, unhackable communication channels. Additionally, the Reserve Bank of India (RBI) has initiated research into quantum-safe cryptography for banking systems to safeguard transactions against future quantum threats.
Cascading Failures and Global Risks
The convergence of AI, 5G, and the Internet of Things (IoT) poses systemic risks, where failures in one system can lead to disruptions across interconnected sectors. This phenomenon is already being observed both in India and internationally. For instance, in Mumbai, a suspected cyber attack in 2021 disrupted the power grid, leaving parts of the city without electricity. Similar incidents have occurred in Ukraine, where cyber attacks on the power grid resulted in nationwide blackouts, underscoring the risks associated with attacks on critical infrastructure.
The combination of AI-powered malware and 5G networks introduces further dangers. In South Korea, hackers utilised AI-driven malware to compromise an autonomous vehicle system, which could have led to serious accidents if not detected in time. The potential for cascading failures highlights the urgent need for nations to implement real-time monitoring tools and promote public-private collaborations to secure critical infrastructure.
India’s National Critical Information Infrastructure Protection Centre (NCIIPC) is collaborating with private companies to safeguard telecom, energy, and transport networks against such cascading failures. Similarly, global efforts are underway, with the United States and the European Union launching cross-border collaborations to protect supply chains and critical infrastructure from AI-enhanced attacks.
Mitigating Cyber Risks: Strategies for a Secure Digital Future
As cyber threats are evolving, nations must adopt proactive strategies to secure their digital infrastructure. India has made significant progress with AI-powered incident response tools, such as those used by the Maharashtra Cyber Cell, which successfully averted a large-scale ransomware attack on Mumbai’s municipal corporation in 2023.
Globally, countries are enhancing their cyber resilience through collaborative frameworks. For instance, Israel’s Cyber Defence Authority has formed public-private partnerships to combat ransomware attacks while Singapore has launched cyber hygiene campaigns to raise public awareness about phishing and social engineering threats.
Additionally, the Reserve Bank of India is focusing on adopting post-quantum cryptography to safeguard financial transactions against future quantum threats. This mirrors the efforts of organisations like NIST and Germany, which are developing new encryption standards. Furthermore, zero-trust security models are gaining traction worldwide. The U.S. federal government has mandated the implementation of zero-trust architectures across all agencies by 2024, establishing a global benchmark that India’s 5G telecom operators are beginning to follow.
Securing the Future Through Global
Collaboration and Innovation
The rapid adoption of AI, 5G, and Quantum Computing presents transformative potential but also introduces unprecedented cybersecurity risks. India’s experiences with AI-driven fraud, IoT vulnerabilities, and power grid attacks exemplify broader global challenges. As these technologies converge, countries must implement AI-based threat detection, quantum-safe encryption, and zero-trust frameworks to enhance cyber resilience.
India’s efforts to secure its critical infrastructure align with global initiatives. Collaborative frameworks, such as those between the National Critical Information Infrastructure Protection Centre (NCIIPC) and private sector companies in India, reflect similar efforts in countries like the US, Japan, and South Korea, where public-private partnerships are vital for managing cyber risks. As cyber threats become increasingly sophisticated, global cooperation, regulation, and innovation will be essential for ensuring a secure digital future.
By proactively addressing evolving threats and embracing post-quantum cryptography, AI-driven security solutions, and robust 5G frameworks, India and other nations can safeguard their digital ecosystems. In an interconnected world, the ability to adapt proactively will determine the security and sustainability of the digital economy for years to come.
Recommendations for India
As India accelerates its digital transformation with AI, 5G, and quantum technologies, it must implement robust cybersecurity measures to mitigate evolving risks. AI-powered platforms can provide real-time threat detection and prevention; however, attackers leverage AI to launch increasingly sophisticated cyber threats. To stay ahead, India needs to develop AI-based cyber intelligence platforms across critical sectors such as government, healthcare, and banking. Maharashtra’s success in employing AI to prevent ransomware attacks in Mumbai’s municipal network demonstrates the potential for scaling such initiatives nationwide. Furthermore, India can collaborate internationally with the EU, which promotes similar AI-based cyber defence through its Horizon 2020 programme.
The rapid deployment of 5G and IoT networks in India is transforming sectors such as healthcare and smart cities, but it also expands the attack surface. Implementing strong IoT security protocols, secure-by-design frameworks, and zero-trust models will be essential for safeguarding these interconnected networks. India has experienced incidents involving attacks on IoT medical devices, such as the ventilator incident at a Delhi hospital, highlighting the urgent need for stronger controls. Globally, Japan’s IoT security guidelines, effectively applied during the Tokyo Olympics, provide a valuable model that India can adopt to mitigate risks.
Quantum computing poses another significant challenge, as it has the potential to compromise existing encryption methods, putting sensitive data at risk. India must accelerate efforts to adopt post-quantum cryptography and develop quantum-safe communication systems, particularly in the defence and financial sectors. India’s recent success in Quantum Key Distribution (QKD) experiments conducted by ISRO offers a promising foundation for secure communication. By learning from global initiatives such as NIST’s development of post-quantum encryption standards, India can align its research and regulatory efforts to protect its critical infrastructure against future threats.
Public-private partnerships are essential for ensuring cyber resilience in India. Strengthening collaboration between the National Critical Information Infrastructure Protection Centre (NCIIPC) and private sectors—such as telecommunications and energy providers—can significantly enhance the country’s ability to prepare for cyber attacks. Establishing information-sharing networks across different industries will help create a cooperative defence ecosystem. A noteworthy example for India to consider is the successful defence model of Israel’s Cyber Defense Authority, which utilises public-private collaboration to combat ransomware attacks.
In addition, increasing cyber awareness and capacity-building programmes is crucial. Implementing public campaigns to educate citizens about phishing and social engineering attacks, along with integrating cybersecurity training into educational institutions, will cultivate a skilled workforce capable of mitigating risks. Similar initiatives in Singapore, where ongoing public education has led to a reduction in cybercrime, could serve to inspire India’s national strategy. Indian banks have already made some progress in decreasing phishing incidents through customer education, emphasising the importance of raising public awareness.
India also needs to establish regulatory frameworks for emerging technologies. Developing governance policies for the ethical deployment of artificial intelligence (AI) and establishing quantum research hubs will help ensure that innovation is balanced with security. This aligns with international initiatives such as the EU’s AI Act and the OECD’s AI principles, which aim to create global standards for the responsible use of AI.
To secure critical infrastructure, adopting zero-trust models is vital for preventing cascading failures across interconnected systems like power grids, transportation, and financial networks. The 2021 Mumbai power grid incident highlighted the risks associated with such attacks. By implementing zero-trust architectures in public infrastructure, along with prompt incident response protocols, India can better contain potential disruptions. The U.S. federal government serves as a model, as it has mandated zero-trust frameworks for all agencies, ensuring tighter control over sensitive systems.
Global cooperation will be crucial to India’s cybersecurity initiatives. Strengthening India’s participation in international alliances, such as the Global Forum on Cyber Expertise (GFCE), will enhance collaboration on artificial intelligence (AI) and quantum standards. As leading nations like the United States, European Union, and Japan work together on 5G and post-quantum security initiatives, India must position itself as a proactive partner in these global discussions. In conclusion, India’s ambition to become a global leader in AI, 5G, and quantum technologies requires a forward-thinking cybersecurity strategy. By implementing AI-driven threat detection, post-quantum encryption, zero-trust frameworks, and fostering public-private partnerships, the nation can safeguard its critical infrastructure and digital economy from emerging threats. Global collaboration, ongoing innovation, and comprehensive capacity-building programmes will further strengthen India’s resilience against new cyber challenges. By taking proactive measures and aligning with global best practices, India can build a secure and sustainable digital future.