Transformative Shifts Reshaping Enterprise Defence in India
Diwakar Dayal is the Managing Director and AVP for India and SAARC at SentinelOne. He has over 27 years of experience in IT security, with leadership positions at multinational corporations like Cisco, Juniper, Tenable, NTT, SentinelOne, and Safescrypt (formerly Verisign). Throughout his career, he has successfully established and expanded security businesses from their inception to achieving multimillion-dollar successes.
The era of artificial intelligence (AI) is decisively upon us, creating new security implications. Traditional controls are not able to see the data employees feed into third-party AI models. Security teams have limited insight into the expanding universe of AI tools and assistants now embedded across the enterprise.
AI-enabled browsers with built-in chat or summarisation features open fresh avenues for data leakage. The growing use of Model Context Protocol (MCP) servers, which link agents to other agents, adds a new, largely ungoverned layer of risk that most organisations are unprepared for. Attackers today are also leveraging the same AI advantages defenders once saw as their edge, accelerating the urgency of making cybersecurity a core business enabler.
Boards and CEOs must wake up to the reality that tools alone will not save them. Security outcomes will increasingly depend on culture, collaboration, and the ability to make high-quality decisions at machine speed. The organisations that thrive will be those that unify AI, human judgment, and shared intelligence into a single, living defence fabric.
Here are five factors that organisations must navigate to ensure security is managed, executed, and lived across the enterprise:
AI Moves from Co-Pilot to Autonomous Defence
2026 will witness the emergence of true machine-speed security. AI will no longer merely assist human analysts with alert triage and contextual enrichment, but will independently analyse threats and take pre-emptive containment actions within seconds. While humans remain custodians of accountability, their focus will pivot from constant alert review to oversight, complex incident analysis, and shaping strategic security posture.
This will change how security performance is measured. Instead of counting closed alerts, the conversation will revolve around how many incidents AI systems detect, contain, and remediate autonomously – and how this empowers security professionals to dedicate time to higher-value tasks like threat hunting and strategic defence design.
Security Operations Centres Rebuild Around Real-Time Data
The legacy model of Security Information and Event Management (SIEM), which relies on historical log analysis, is becoming obsolete. Indian Security Operations Centres (SOCs) will be redesigned around live telemetry streams and in-line AI decision engines that observe and counter threats as they unfold. Analysts will no longer be passive observers of static dashboards but active overseers of dynamic systems continuously ingesting data from endpoints, cloud environments, network traffic, and identity platforms.
Also Read: Anand Mahindra: Living the Philosophy ‘Purpose with Profit’
This real-time approach enables a proactive containment mindset where devices can be quarantined, sessions cut, and privileges revoked automatically while informing human analysts who focus on policy tuning and resolving complex edge cases. This new SOC model accelerates response time from hours to minutes, containing threats before they can escalate.
SaaS Security Becomes a Boardroom Priority
With Indian enterprises increasingly relying on hundreds or thousands of software-as-a-service (SaaS) applications - many of which are purchased independently by business units outside IT or security control - the challenge of shadow SaaS and uncontrolled access emerges as a major blind spot. Sensitive credentials and data disperse across cloud platforms, increasing risk and complexity.
In 2026, boards will expect CISOs to provide continuous SaaS security posture management and identity-risk scoring that cover the entire SaaS ecosystem. Investment will shift away from fragmented point solutions toward unified, identity-centric control planes able to answer critical questions: Which SaaS apps are in use? Who holds access rights? Which identities—human or machine—possess excessive or risky privileges? Effective SaaS governance will be fundamental to enterprise risk management and regulatory compliance.
Security Culture Becomes the Deciding Factor
In a challenging threat landscape coupled with budget constraints, no amount of technology can fully substitute for a strong security culture embedded in everyday behaviour. For Indian organisations, 2026 will be the year when security transforms from an annual checklist exercise to a business-as-usual mindset. The organisations that outperform will be those that design processes, tools, and leadership behaviours to make the secure choice the easiest and default option.
Also Read: 5 Indian Movies That Inspire Entrepreneurs
Security will truly become a shared responsibility, visible in product development, vendor management, data stewardship, and incident handling. Employees who internalise security best practices as second nature, motivated by a culture of collective responsibility rather than mandates, will form a resilient final defence layer against increasingly sophisticated attacks.
Shared Intelligence Becomes a Shared Shield
Adversaries rapidly collaborate with each other, sharing tactics, tools, and exploits, increasingly augmented by AI capabilities that skip traditional barriers and speeds. Conversely, defenders in India cannot afford to operate in isolated silos. 2026 will see an expansion of continuous, automated threat intelligence sharing facilitated by CERT-In, sector-specific communities, and global partnerships.
These networks will enable anonymised, machine-readable sharing of indicators of compromise, attack tactics, and behavioural patterns. Organisations plugged into these collaborative ecosystems will convert collective knowledge into real-time protections, significantly enhancing their ability to detect and disrupt AI-powered cyberattacks.
Also Read: 1947 to 2026: Evolution of India-France Diplomatic Relationship
The common thread across these five shifts is a fundamental rethink of accountability. As AI takes on more of the execution, leaders must be clear about who is responsible for outcomes, how decisions are governed, and how risk is communicated from the SOC to the boardroom.
2026 will reward enterprises that treat cybersecurity not as a control function, but as a strategic capability built on autonomous defence, real-time visibility, strong culture, and ecosystem collaboration. Those that adapt early will not just withstand the next wave of cyber risk; they will compete and innovate with greater confidence in a more hostile digital world.
xxx