/dq/media/agency_attachments/UPxQAOdkwhCk8EYzqyvs.png)
Follow Us/dq/media/media_files/2025/11/02/indias-cybersecurity-ecosystem1-2025-11-02-09-57-27.jpg)
Dr. Sanjay Bahl, the Director General of the Indian Computer Emergency Response Team (CERT-In) of the Ministry of Electronics and Information Technology (MEIT) in a recent and interactive meeting with visiting journalists of the European Union countries in New Delhi announced that the cybersecurity ecosystem has reached over 400 start-ups in India, which is supported by a workforce of more than 6.5 lakh, and has entered the industry worth 20 billion US dollars.
These innovators are on more developed solutions including threat-detection, cyber-forensics, and AI-based monitoring systems as pointed out by Dr. Bahl- a move toward more responsive cybersecurity to proactive and intelligences-driven models.
He further stated that CERT-In is itself actively using AI-based analytics and automation to track, prevent and respond to cyber events in real-time, acknowledging that artificial intelligence is a two-sided sword as a weapon in the defence and offence of cyber-operations. It is not a mere announcement but the change in stance of India, which has been a huge market of cybersecurity tools but a provider and innovator in the global cyber-security value chain.
CERT-In’s Role: Beyond alerts to automation and real-time response
The 400 plus start-up number indicates that the innovation pipeline of cyber-security in India is becoming strong. These are start-ups that, according to Dr. Bahl, work in niche areas such as threat intelligence, forensics and AI-monitoring.
This, combined with a 6.5 lakh workforce, shows that the ecosystem is in maturity: talent is present and so is the institutional support (training, certification). To the enterprises and investors, this is an indication that the domestically available supply chain of cyber tools is becoming a reality.
The mission of CERT-In as the national nodal agency in responding to cyber incidents is quite established- including vulnerability assessment, coordination and information sharing of the incident. The focus on AI-analytics, automation to respond and engineered resilience is what is new in the comments made by Dr. Bahl. The official release states that CERT-In does not focus on generic warnings but is providing time-sensitive alerts and specific advisories.
To enterprise CIOs, CISOs and Indian start-ups, this development implies that compliance is changing: the ability to consume real-time threat data, enable automation and interoperability with national incident-response systems will be key competitive advantages.
Implications for Indian enterprises and start-ups
Enterprises: The organisations need to begin to take Indian cyber-security companies and start-ups as serious procurement choices- particularly, threat-detection, forensics and AI-monitoring.
Start-ups: At this stage, the size of the ecosystem is recognised nationally and funded, there is an opportunity to collaborate and enter the global market, particularly those that have AI-based threat-monitoring or forensic tools.
Policy/Regulation: The legal focus on automation and real-time incident-response at CERT-In suggests that firms will face more compliance and integration mandates- not merely rudimentary logging and reports.
Talent and Training: The 6.5 lakh professionals number serves to focus on the quality of training, certification and specialisation (AI-driven cyber-defence, cloud security, hybrid threat analysis).
The road ahead
The announcements of Dr. Bahl reveals an important aspect in the history of cybersecurity in India. The nation has ceased being a mere consumer of international cyber-tools - it is making its own ecosystem of start-ups, expertise and national scope of incident-response capacity. The message is simple, it is not merely another proclamation of the government, but a structural change that opens the opportunities, both to enterprises, innovators, investors and professionals. In enterprise IT, start-up strategy or talent development, fitting into this developing ecosystem of cyber-security might be among the wiser strategic actions in 2026 and beyond.