Hyderabad: Indian businesses are increasingly coming under attack from AI-powered threats, with deepfakes emerging as a major concern, according to the 2026 Thales Data Threat Report. The report found that 65% of surveyed companies in India experienced deepfake-driven incidents, while 64% ranked AI-enabled attacks as their top data security risk, compared with 70% globally.The survey, conducted by S&P Global 451 Research for Thales, a global cybersecurity firm, involved responses from 3,120 organisations globally. The report flagged rising concerns over the broad access that AI systems are given inside enterprises as companies increasingly embed the technology into workflows, analytics, customer service and software development, often granting these systems access to large volumes of enterprise data.Thales warned that, in many cases, these controls are weaker than those applied to human users, increasing the risk of misuse or compromise. Ankur Kanaglekar, vice president – India at Thales said weak identity governance, access policies and encryption frameworks could allow AI to amplify vulnerabilities across corporate environments.The report also pointed to major visibility gaps in how companies manage data. Only 35% of organisations in India said they knew where all their data resided, while 36% said they could fully classify their data. Globally, nearly half of sensitive cloud data remains unencrypted, underscoring the challenge of securing information as AI systems ingest and act on data across cloud and software-as-a-service environments.Identity-based attacks are also emerging as a key concern, with credential theft cited as the leading attack technique against cloud infrastructure by 68% of Indian organisations that experienced cloud attacks, in line with the global figure of 67%.In addition, 44% of respondents in India ranked secrets management among their top application security challenges, reflecting the growing complexity of managing machine identities, API keys and tokens. The report said 55% of Indian companies also reported damage from AI-generated misinformation or impersonation campaigns, above the global average of 48%.Human error contributed to 26% of breaches in India, and researchers warned that automation could magnify the impact of small mistakes. Although 30% of organisations in India now have dedicated AI security budgets, 53% still rely on existing security spending.Eric Hanselman, chief analyst at S&P Global 451 Research, said continuous data visibility and protection must become central to enterprise innovation as AI becomes more deeply embedded in operations.
