This is an exclusive article series conducted by the Editor Team of The Mainstream with Mr. Anil Kuri, CGM – Chief Information Security Officer & Head of DPO at Union Bank of India
Changing Threat Landscape: “AI is changing the character of cyber attacks. From your own point of view, what are the AI-enabled threats that haunt CISOs in their sleep?”
The largest threat now is AI weaponization where the attackers are employing AI at scale for polymorphic malware, deepfake-driven social engineering, automated reconnaissance, Distributed Denial of Services (DDoS), etc. Generative AI has increased phishing and fraud to be more believable, scalable, and context-aware. With everything being infused with AI, AI model manipulation and data poisoning are new threats for organizations rolling out AI systems.
Use of AI for securing AI ecosystem can be the solution. We believe, AI Security & Governance Framework is absolutely indispensable for any organization, addressing risk through model validation, adversarial testing, and risk scoring, making AI ecosystem secure, explainable, and compliant.
Prioritising Risks: “With threats evolving rapidly, how do you determine which AI-powered risks require immediate attention versus long-term strategy?”
Our prioritization of risk is business impact-led and regulatory alignment-focused. Highest priority in the near term is AI-powered social engineering, identity breach, and AI model integrity. These are presenting direct operational effect and reputational risk. Additionally, our strategic long term priority is quantum readiness and responsible AI governance to drive future resilience through the PQC Readiness Program and adherence to ISO/IEC 42001:2024 for AI management.
Proactive Defence: “What strategies or technologies have you found most effective in detecting and mitigating AI-enabled attacks?”
We are orchestrating a transition from reactive defense to predictive resilience. Organisation must adopt AI as intrinsic element of their Security Strategy. Security Operation must be elevated to an AI-powered SOC, where machine learning (ML) and GenAI are combined for anomaly detection, auto-triage, and threat correlation in IT and OT environments. Real-time AI analytics, Agentic AI assistants to enable automated investigation and reporting, GenAI-based contextual summarization to decrease response time, are some of promising areas for deployment of AI. “AI for Security” initiative would turn SOC into an automatic defense platform from a passive monitoring system.
Balancing Security and Business: “How do organizations balance staying secure while allowing the use of AI for innovation and growth?
For speed of travel you require Car with effective brake and likewise Security and innovation are not contradictions, they are co-enablers. As the security leader, I have a “Secure-by-Design, Responsible-by-Governance” approach. Each AI project, be it for fraud detection, chatbot support, or predictive analytics must be ethical reviewed, risk scored, and explainability validated prior to deployment.
By integrating, Security by design principles, AI governance and data privacy (DPDP Act 2023) controls at an early stage, we make innovation responsible, compliant, and trusted. This is in line with RBI’s FREE AI Framework (Fairness, Reliability, Explainability, and Ethics).
Creating Awareness Throughout the Organization: “How do you ensure employees and leadership understand the impact of AI-powered threats and act accordingly?”
Awareness alone isn’t enough, it must translate into effective and responsible cyber behavior. At our Cyber Security Centre of Excellence (CCoE) in Hyderabad, we conduct AI threat awareness and simulation programs, including exercises on phishing, smishing, and deepfake detection, to help employees recognize and respond to evolving risks.
At the leadership level, we organize Executive Cyber Exercises, Tabletop Drills, and Certification Programs in alignment with RBI, NCIIPC and CERT-In guidelines, strengthening enterprise-wide understanding of AI risks, response strategies, and governance responsibilities.
Our outreach goes beyond the organization. We engage customers, the general public, and young audiences in schools and colleges through webinars, social media, workshops, and awareness campaigns, spreading knowledge about both traditional cyber threats and emerging AI-driven risks.
Our vision is to make cybersecurity not just a compliance requirement, but a shared culture and instinctive habit one that empowers every individual to act securely in the digital world.
Future Prospects: “Looking ahead, how do you foresee AI-based threats changing, and what action should organizations take today to prepare?
AI-led threats will become more autonomous, adaptive, and self-optimizing from generative misinformation to autonomous attack cycles. To meet this, our next frontier consists of three significant thrusts. One, AI-enabled SOC automation for predictive threat handling, Two Post-Quantum Cryptography migration to protect long-term data privacy and Third and most critical pillar, AI Security Certification (ISO/IEC 42001:2024) to institutionalize responsible AI governance.
Our philosophy is straightforward yet unequivocal – expect, evolve, and ensure.
The intersection of AI-powered security, quantum-resilient preparedness, and ethical frameworks for AI will shape the resilience of future digital businesses.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream formerly known as CIO News LinkedIn Account | The Mainstream formerly known as CIO News Facebook | The Mainstream formerly known as CIO News Youtube | The Mainstream formerly known as CIO News Twitter
About us:
The Mainstream formerly known as CIO News is a premier platform dedicated to delivering latest news, updates, and insights from the tech industry. With its strong foundation of intellectual property and thought leadership, the platform is well-positioned to stay ahead of the curve and lead conversations about how technology shapes our world. From its early days as CIO News to its rebranding as The Mainstream on November 28, 2024, it has been expanding its global reach, targeting key markets in the Middle East & Africa, ASEAN, the USA, and the UK. The Mainstream is a vision to put technology at the center of every conversation, inspiring professionals and organizations to embrace the future of tech.
