What is the story about?
India’s cyber security agency CERT-In has warned that the rapid rise of artificial intelligence is “significantly transforming the cybersecurity landscape.”
In its latest cybersecurity blueprint, the agency mentioned how technologies such as generative AI, large language models (LLMs), autonomous agents and AI-enabled automation tools are now being actively leveraged by cybercriminals to “accelerate reconnaissance, automate vulnerability discovery, generate highly targeted phishing campaigns, develop adaptive malware, and enhance the scale and speed ofcyber attacks.
According to the blueprint, AI-powered cyber exploitation is significantly reducing the time attackers need to identify weaknesses in systems, exposed services, insecure APIs and weak digital identities.
“As organisations become increasingly dependent on interconnected digital infrastructure, cloud ecosystems, software supply chains, operational technologies, and AI-enabled platforms, the potential impact of AI-enabled cyber threats continues to increase across sectors,” CERT said.
CERT-In has asked organisations to move beyond traditional, perimeter-based cybersecurity practices and adopt a more adaptive and resilience-focused approach asAI-driven threats continue to evolve.
It said companies should regularly scan their systems, monitor internet-facing assets, review cloud and API environments and ensure vulnerabilities are properly fixed after detection.
CERT-In also advised organisations to prioritise risks based on how serious and exploitable they are especially if they affect critical systems or publicly exposed networks.
The agency also suggested strict timelines for fixing vulnerabilities. According to the blueprint, critical flaws affecting important or internet-facing systems should be patched within 12 hours wherever possible while other high-risk vulnerabilities should be addressed within one to five days depending on severity.
If patches are not available, organisations should temporarily isolate affected systems, restrict access and strengthen monitoring.
CERT-In has also asked organisations to strengthen the security of their software and digital supply chains. The agency recommended frameworks such as Software Bill of Materials (SBOM), AI Bill of Materials (AIBOM), Quantum Bill of Materials (QBOM) and Cryptographic Bill of Materials (CBOM).
These systems are aimed at helping companies identify software dependencies, verify sources and reduce risks linked to third-party technologies and AI tools.
The agency also highlighted the risks linked to unchecked use of public AI platforms and large language models (LLMs).
CERT-In advised organisations to put safeguards in place to prevent manipulation of AI systems through harmful inputs and to monitor unauthorised or ‘shadow AI’ usage within companies. It also stressed that critical AI-assisted decisions should continue to involve human oversight instead of being fully automated.
CERT-In also said organisations must report cyber incidents within six hours. The blueprint also outlined a phased implementation plan which begins with immediate risk reduction measures and multi-factor authentication (MFA) enforcement in the first week.
The next phase focuses on strengthening operations and upgrading Security Operations Centres (SOCs) in 8-30 days while the final phase includes advanced resilience testing and red team simulations (31-60 days).
In its latest cybersecurity blueprint, the agency mentioned how technologies such as generative AI, large language models (LLMs), autonomous agents and AI-enabled automation tools are now being actively leveraged by cybercriminals to “accelerate reconnaissance, automate vulnerability discovery, generate highly targeted phishing campaigns, develop adaptive malware, and enhance the scale and speed ofcyber attacks.
According to the blueprint, AI-powered cyber exploitation is significantly reducing the time attackers need to identify weaknesses in systems, exposed services, insecure APIs and weak digital identities.
“As organisations become increasingly dependent on interconnected digital infrastructure, cloud ecosystems, software supply chains, operational technologies, and AI-enabled platforms, the potential impact of AI-enabled cyber threats continues to increase across sectors,” CERT said.
CERT-In has asked organisations to move beyond traditional, perimeter-based cybersecurity practices and adopt a more adaptive and resilience-focused approach asAI-driven threats continue to evolve.
It said companies should regularly scan their systems, monitor internet-facing assets, review cloud and API environments and ensure vulnerabilities are properly fixed after detection.
The agency also suggested strict timelines for fixing vulnerabilities. According to the blueprint, critical flaws affecting important or internet-facing systems should be patched within 12 hours wherever possible while other high-risk vulnerabilities should be addressed within one to five days depending on severity.
If patches are not available, organisations should temporarily isolate affected systems, restrict access and strengthen monitoring.
CERT-In has also asked organisations to strengthen the security of their software and digital supply chains. The agency recommended frameworks such as Software Bill of Materials (SBOM), AI Bill of Materials (AIBOM), Quantum Bill of Materials (QBOM) and Cryptographic Bill of Materials (CBOM).
These systems are aimed at helping companies identify software dependencies, verify sources and reduce risks linked to third-party technologies and AI tools.
The agency also highlighted the risks linked to unchecked use of public AI platforms and large language models (LLMs).
CERT-In also said organisations must report cyber incidents within six hours. The blueprint also outlined a phased implementation plan which begins with immediate risk reduction measures and multi-factor authentication (MFA) enforcement in the first week.
The next phase focuses on strengthening operations and upgrading Security Operations Centres (SOCs) in 8-30 days while the final phase includes advanced resilience testing and red team simulations (31-60 days).
