New Delhi: India faces a critical shortage of skilled engineers to safeguard essential infrastructures such as power grids, telecom networks, banks, and government systems from increasingly sophisticated cyber threats, especially as cyber attackers leverage artificial intelligence (AI) to enhance their capabilities.
Industry stakeholders and analysts have indicated that India currently employs approximately 350,000 professionals in cybersecurity roles, while the demand for such expertise is estimated to be around one million, according to data from staffing firms Adecco and Quess IT Staffing. The persistent gap persists despite a gradual increase in the cybersecurity workforce due to rising opportunities and salaries.
As of 2023, with close to 300,000 engineers working in cybersecurity, the growth rate has been inadequate to meet escalating industry needs. “The threat gap is real, and is a key cause of concern for enterprises as cyber attacks are getting more sophisticated,” said Aditya Verma, former director of transformation and cybersecurity at the Indian Navy and leader of public sector security for India and South Asia at Cisco. He pointed out that attackers are now able to automate many cyber threats thanks to AI, while defenses tend to remain reactive.
Verma advocates for a systematic approach to cybersecurity training akin to traditional security sectors, proposing the establishment of a dedicated cyber cadre with state-level training programs. He noted that the current cybersecurity education landscape largely consists of short-term certificates and workshops, leaving a significant void in qualified candidates for high-level roles such as Chief Information Security Officers (CISOs).
The urgency for more cybersecurity engineers is particularly pronounced as the rise of generative AI has contributed to an uptick in cyber attacks across India. The Data Security Council of India’s (DSCI) 2025 Cyber Threat Report projects a dramatic increase in “behaviour-based cyber threat” detections, which are expected to rise from 13 million in 2022 to approximately 54 million by the end of 2024—a more than fourfold increase in just two years.
Despite competitive salaries—averaging ₹20 lakh per annum for engineers with five years of experience and reaching up to ₹60 lakh for those with a decade of experience—the talent shortage persists. Sanketh Chengappa, director of professional staffing at Adecco Group, emphasized that the core issue lies not in pay but in the lack of adequately skilled professionals and a shortfall of comprehensive training programs in both the public and private sectors.
The skill shortage is so severe that organizations specifically focused on cybersecurity and managed services are struggling to recruit and retain qualified talent. Dharshan Shanthamurthy, founder and CEO of Bengaluru-based cybersecurity firm Sisa Infosec, remarked that while there has been progress in the field over the last decade, the pace of upskilling has failed to keep up with increasing demands fueled by AI’s role in cyber attacks.
“While basic triaging of cyber threats can be automated, higher-level threats require more advanced skills, and there simply aren’t enough professionals available to handle them,” Shanthamurthy noted. His firm has collaborated with the Ministry of Electronics and IT (MeitY) and the Indian Computer Emergency Response Team (Cert-In) to launch the Certified Security Professional for Artificial Intelligence (CSPAI), a national accreditation program aimed at early-stage security engineers.
On December 29, during a MeitY event, Sanjay Bahl, director general of Cert-In, acknowledged the government’s efforts to address the supply gap in cybersecurity professionals. Cert-In is also involved in other training initiatives, including an eight-week professional development course in partnership with the Birla Institute of Technology and Science (BITS), Pilani. However, the stark skill gap continues to challenge companies operating in India.
Verma stated that the demand for cybersecurity professionals with expertise in statistical applications and AI-led specializations is particularly high, as these skills allow for quicker access to higher-paying roles. He stressed that effective cybersecurity training must begin at the undergraduate level, yet progress in this area has been slow, perpetuating the talent gap.
Shanthamurthy added that while AI has proven beneficial for security firms, the need for experienced engineers to manage public-sector cybersecurity, especially concerning sophisticated threats from nations like North Korea, remains pressing. “The ongoing skills disparity and the insufficient number of adequate training programs are the largest contributors to this issue,” he concluded.
See also
Anthropic’s Claims of AI-Driven Cyberattacks Raise Industry Skepticism
Anthropic Reports AI-Driven Cyberattack Linked to Chinese Espionage
Quantum Computing Threatens Current Cryptography, Experts Seek Solutions
Anthropic’s Claude AI exploited in significant cyber-espionage operation
AI Poisoning Attacks Surge 40%: Businesses Face Growing Cybersecurity Risks
