Vishal Salvi, CEO of domestic cybersecurity firm Quick Heal Technologies, said Mint that “On average, AI has the potential to reduce manpower costs for a cybersecurity company by 30-40%. While the impact of this cost reduction is not a 1:1 case, in the long term AI is undeniably accelerating the decline in unit costs of cybersecurity software as it grows at scale.”
Companies are already seeing the benefits of this. Karon Shaiva, Managing Director of Mumbai-based MSME Idobro Impact Solutions, said: “For small businesses, cybersecurity spend is less than 1% of net spend, but this is also a factor in the cost of scaling back security services . This has happened thanks to AI helping to scale costs.”
This, Shaiva added, is because “it becomes very difficult for small businesses to bear the financial, operational and reputational damage in the event of a cyber attack.”
Such a disruption became apparent in July. A faulty update from content distributor CrowdStrike led to widespread IT hardware outages, highlighting the need for even small businesses to manage cyber service partners.
In August, a Gartner report predicted that cyber spending in India will rise 17% – to $3.4 billion next year, up from $2.9 billion this year. Managed cybersecurity providers, which use AI to reduce costs, are expected to grow by 42% in India.
Manage costs
It's fair to say that cybersecurity companies have always used AI to detect new vulnerabilities and automate services. Managed service providers, to which companies outsource their cybersecurity activities, have been expensive until now because cybersecurity engineers are expensive resources. Adopting AI and automation in services such as threat alerting now helps scale these costs, which is critical for cost-conscious Micro, Small and Medium Enterprises (MSMEs).
This is important because MSMEs are key sellers and suppliers to India's industrial conglomerates. Akshat Jain, co-founder and chief technology officer of cybersecurity firm Cyware, said: “Large enterprises typically deal with hundreds of vendors and suppliers who have approved access to their systems, making MSMEs critical to securing the broader ecosystem. Protecting SMEs is not just about their own resilience, it is also about preventing potential compromises that could filter through to the larger enterprises.”
Apurva Gopinath, vice president of risk management, insurance and advisory firm Aon, further added that certain sectors could be more sensitive than others. “BFSI faces stringent regulations, while healthcare, due to rapid digitalisation, is another key sector where cybersecurity adoption is growing rapidly,” she said.
Using Cyber Security for MSMEs
The initial introduction is increasing due to lower costs. Ravindra Baviskar, director of sales engineering at UK cybersecurity firm Sophos, said MSMEs are “deploying firewalls, adopting endpoint protection tools and conducting regular hygiene checks to meet industry standards.”
“The adoption of cybersecurity platforms among SMBs may not be as high as larger enterprises, but at least they are outsourcing the bare minimum these days. After all, cyber attacks target companies of all sizes,” he added.
The affordability of AI-enabled cybersecurity is also a global trend. IBM's annual 'Cost of a data breach' report from July states that organizations that adopt AI in cybersecurity save $2.2 million annually, compared to those that do not.
Lalit Kalra, cybersecurity partner at consultancy EY India, agreed with IBM's findings. “The price reduction of cybersecurity services, with the help of AI, depends on specific solutions. Organizations that traditionally spend more than $500,000 ( ₹4 crore) per annum in governance, risk and compliance see these costs fall by 70% if they opt for platforms that allow users to choose the services they need,” he said.
Overall, Kalra, who consults with multiple companies on cybersecurity best practices, said SMBs have increased their cybersecurity spending by 60% this year, compared to 2023.
Beyond costs, AI also helps companies respond to breaches more quickly. “Organizations that adopted security AI and automation discovered and contained an incident an average of 98 days faster than organizations that did not use these technologies,” the IBM report said.
Katya Ivanova, Chief Sales Officer of Swiss-based cybersecurity company Acronis, explains why AI is having this impact on cybersecurity accessibility for small businesses: “Instead of having an engineer who analyzes the logs, understands the cyber threat and would come up with a solution AI do it automatically. It provides a summary of the threat in the form of a report and also collects common data for future use.”