Chennai: Indian businesses are racing to adopt Artificial Intelligence for cybersecurity but remain exposed due to gaps in Zero Trust implementation and identity controls, according to Zoho Corp.'s State of Workforce Password Security Report 2026.
The study found that 93% of Indian organisations believe AI will enhance their security measures, yet one in three have not implemented a Zero Trust framework, leaving critical vulnerabilities as the attack surface expands.
Released ahead of World Password Day on May 7, the global survey by Tigon Advisory Corp. on behalf of Zoho Vault shows a clear mismatch between confidence and capability.
"98% of Indian organisations say they are very likely to deploy AI-driven security tools. When asked to identify their top AI priorities in cybersecurity, real-time threat detection and response led at 76%, followed by user behaviour analytics (56%) and risk-based access control automation (55%). The concentration on visibility and response highlights that existing tools are not keeping pace, yet the building blocks those tools depend on, including strong credential management, remain the least adopted measures in practice," the report stated.
The enthusiasm for AI is matched by investment intent, with 91% signalling an increase in security budgets over the next five years. However, the building blocks of effective security remain under-adopted. Only 25% have implemented strong password policies and multi-factor authentication, while just 9% have prioritised access management and access control. Endpoint security adoption sits at 16%, leaving identity and device layers poorly protected.
The gap is stark given the threat landscape. Almost half (47%) of Indian respondents reported being hit by an attack, and while 91% believe they have the tools to respond, 47% rely primarily on real-time threat detection and mitigation. The biggest risk, the report notes, is coming from within: malicious insiders ranked as the top threat at 23%, ahead of ransomware and human error at 18% each.
"As AI becomes an integral tool at work, organisations need to guard against the new threats emerging in the workplace security landscape," said Chandramouli Dorai, Chief Evangelist, Cyber Solutions & Digital Signatures, Zoho Corp. He added, "While Indian businesses are keen to adopt AI, they still have blind spots, namely lack of Zero Trust, lack of visibility into their critical systems, and threats from internal sources... An AI 'bandaid' on these structural gaps will make the situation worse in the long-term."
Dorai stressed that businesses need sturdier foundations with strong credential management, access controls, and multi-factor authentication. The report also highlights barriers such as keeping up with evolving threats (30%), cost of security solutions (22%), and a shortage of security expertise (16%), which collectively reinforce each other.
Despite the gaps, 85% expressed optimism about adopting a Zero Trust strategy within three years, though 51% of those not ready cited legacy IT infrastructure as the main obstacle. The findings suggest that while AI is seen as the future of security, Indian firms must first shore up foundational controls to avoid creating new risks in the process.
This report was published from a syndicated wire feed. Apart from the headline, the EdexLive Desk has not edited the copy.
