India’s banking and financial services sector is among the most regulated industries in the country, yet it remains alarmingly exposed to a rapidly evolving threat landscape. From DMARC gaps and BEC attacks to ungoverned AI agents quietly exfiltrating sensitive data, the vulnerabilities are multiplying faster than defences can keep pace.
In this candid conversation, Bikramdeep Singh, India Country Manager at Proofpoint, pulls no punches. With deep expertise spanning email security, data protection, and AI governance, Singh unpacks why the BFSI sector’s digital transformation ambitions are outrunning its security maturity — and why human risk continues to anchor nearly 67% of all breaches.
As the DPDP Act reshapes compliance obligations and generative AI rewrites the rules of engagement, Singh offers a frank assessment of where India’s CISOs must focus — and how much time they have left to act.
Bikramdeep Singh, India Country Manager, Proofpoint
CISO Forum: Why is India’s BFSI sector still struggling with basic email security gaps like DMARC?
Bikramdeep Singh: The BFSI sector is the most regulated in India right now, and it has been for multiple years. So if you look at the entire attack surface and the way fraudulent transactions work, it’s always a catch-up game — what we call game theory.
You can only get better, but the motivations on the other side, the attackers or the malicious actors, are always high.
So you have a catch-up game, and what happens is that, if you look at the kinds of solutions the bank provides — opening an account, getting loans, interacting with customers — the channel has to stay open. Hence, they are accessible to their customers. The only channel that can provide that kind of communication is email. So they can’t put up too many blocks and all that, because they need to appear open, since customer service obviously has to be better for a bank to operate.
But at the same time, this has become like a gateway. In the past, banks have been updating their security at other levels. So downstream within the bank, you have higher-grade technology protecting them — ensuring any threat that comes in doesn’t spread too much, and providing adequate security to avoid any loss of PII data and all that. But the gateway was always open, which led to phishing and other attacks targeting the bank.
Regarding the attacks happening now, banks are becoming more aware. They are also looking at different options. Earlier, there was greater reliance on Microsoft, so when you have a single vendor, you have to go with the tools it offers. But now there are different options available. The Indian government has mandated that other options be evaluated, opening the way for a more secure, more intelligent gateway — one that can provide the openness a typical email gateway should offer while also enhancing the bank’s overall security posture.
That’s where the DMARC piece comes into place. It was always in DMARC monitor mode because banks believed they could monitor all incoming traffic and take remedial action if required. But now it is moving to a stricter posture because the attacks have become increasingly complex.
CISO Forum: How is GenAI adoption reshaping the cyber risk surface for financial institutions?
Bikramdeep Singh: GenAI is something that has been adopted faster than it arrived — and that’s one of the reasons. When adoption moves so quickly, you try to create solutions within banks that you think provide value, but at the same time, they increase the overall attack surface.
If you look at basic examples like using agentless technology to answer customer queries, helping customers with loan sanctions through agents, or automating basic services like voice calling, these things do provide better service to customers. But at the same time, they are operating and responding based on data provided by the bank. So now imagine that the entire security framework, which was laid out under the assumption of humans working within banks, is being replaced by machines and agents. The security infrastructure is not ready to address this kind of attack surface.
That has become a new problem in most organizations, especially in banks that have adopted customer-facing applications. A lot of these enhancements came in very quickly because they provided better service and lower operational costs, helping banks enhance their overall offerings to customers and making it easier for them to both sell and provide value to their customer base.
CISO Forum: Where do traditional security models fail in agentic or autonomous work environments?
Bikramdeep Singh: Yeah, I think, as I mentioned, most of the next-gen tools that banks adopted were motivated by a human-centric approach — a behavioral approach taking into consideration user behavior and the attacks that are happening. If they land within the bank, how does the user translate it, or does the user use that particular data? But now all that has been replaced by agents, right? Both in terms of the service being provided and the basic intel being shared.
For example, agentic tools like ChatGPT or other LLMs — organizations, intentionally or unintentionally, have employees using these tools with particular data. So what stops them from using bank, BFSI, or their organization’s data to enhance their queries? A simple question like “What is the salary of my boss?” can yield many answers in the tool. And is that data being shared outside the bank? Yes, because ChatGPT is not limited to the bank’s database. So it’s internal data being shared outside, and those kinds of exposures have increased the attack surface phenomenally.
All the security postures that were put in place within the bank — considering there are X number of employees, this is their interaction, this is the internet access capability, these are the applications they have to leverage — have now been further expanded by agents talking to users and leveraging that same data. And on top of that, there are additional tools that can help enhance your current ability to answer customers, or within your organization, your bosses and employees.
So imagine the entire data set is there to help the customer, but the governance around it is not in place. As I said, the catch-up game never ends. It’s a game-theory piece, and it always gives the attacker an additional advantage because you only need to go wrong once. The attackers can attack hundreds of times and fail, but you need to fail once for the exposure to enter the organization.
CISO Forum: Why does human risk remain the biggest vulnerability despite advanced security stacks?
Bikramdeep Singh: Yeah, if you look at any of the earlier reports that we published, about 67% of CISOs identified human risk as one of the key factors contributing to any particular breach or data exfiltration issue. And that is purely because, if you look at any complex tool being deployed — in terms of how it is deployed within the organization, the scope of that deployment, or what rule sets you want to configure — these keep continuously changing.
So it only takes one misstep when you’re configuring those tools to cover a particular scope, or when you’re creating rules to avoid certain attack vectors. In both cases, humans become a critical catalyst — both in deploying the tool and when deployment gaps exist. In certain organizations, where the volume of change keeps varying, humans become an essential part in either initiating a breach or keeping a loophole available that a malicious actor can leverage. And that’s why humans play a very important part in it.
CISO Forum: How should BFSI firms rethink data protection in light of the DPDP Act?
Bikramdeep Singh: Yeah, I think the DPDP Act has many facets to it — both in terms of how data should be handled and the awareness around where exactly your PII data resides and how it can be restricted. So, having a complete understanding of how DPDP affects the organization, based on the kind of data they have, is especially important in BFSI.
PII data is not only present when the user shares it with consent — it also travels to different vendors for the creation of cards and other products offered as services to customers. So it is not just limited to how banks treat PII data within the bank, but also to how they allow their vendors and partners across the ecosystem to leverage that data and their customers’ data to enhance their services and so on.
Added to that is the capability they are adopting — whether agentic technology or AI-based services. How do they put governance or access controls around the data that agentic tools leverage to deliver better service to their customers? All these things, put together, should result in activities that help organizations move closer to what DPDP aims to achieve. It is essentially a framework being introduced to build a more secure, digitally native BFSI organization in the country.
CISO Forum: What are the most common ways attackers are exploiting trust in digital banking today?
Bikramdeep Singh: Email remains the biggest channel and vector for attacks within any organization. Account takeovers have been among the largest factors contributing to breaches within organizations.
Gone are the days when email security was limited to just phishing attacks. While emails are being addressed, you also have to look at BEC attacks. You have to look at callback-related emails where a phone number is provided, and you’re expected to call back, or a link is provided that takes you to another site. So there are different ways attackers have created means to exfiltrate user data.
And it just takes one compromised actor to do it. Add to that the fact that there is more collaboration amongst tools. To give you an example: if a malicious link is sent to one person and he forwards it through internal chat to 5,000 colleagues, and you find out it’s malicious, can you pull it back from all 5,000 people at once? So it is not just about allowing, disallowing, or identifying a threat — it is also about how fast a remedial action can be taken to avoid a widespread attack within the organization.
One key factor that has emerged from the AI piece is that vulnerabilities are being identified across different tools at machine speed. And the only question is — can you provide patches at that same pace? It’s about how fast you can remediate, because patch management has never been straightforward. We’ve always found that not all applications can be patched every time — they’re business-critical.
So it’s all about taking the right steps, moving quickly, and having remedial actions in place to prevent a widespread attack across the entire organization.
CISO Forum: What does truly resilient, AI-ready cybersecurity architecture look like for BFSI?
Bikramdeep Singh: There are two parts to AI security within any BFSI organization. The first part — like I said, the largest threat vector — is email security. It should be able to identify threats at the pace at which they are generated. So you need a good threat intelligence engine at the back end. You should be able to identify spear-phishing activity and other types of attacks, including zero-day attacks. That can only happen when you are leveraging an AI engine within your organization as well. You should also be aware, especially as MITRE frameworks evolve, of which vulnerabilities are open and can be leveraged by threat actors worldwide.
That’s point number one. The second piece is how agentic AI tools are being leveraged within banks, and whether your tools provide guardrails to prevent agents from deriving data from anything beyond what they’re supposed to access. Because agents are goal-oriented, they will get you the answer based on anything and everything. If they are on the network, they can go anywhere and figure out the answer. You don’t want that. You want them to be governed and stay within proper guardrails so that they avoid accessing any data that could cause unintended changes within the bank.
The third piece is how data is being treated within the bank itself. It is no longer just about how data is coming in or going out. How data is handled internally — what exactly is shared across internal systems — is where DLP (data loss prevention) is becoming a greater focus for BFSIs. Earlier, it was enough to have a DLP program focused on externally leaked data. How exactly data is being treated within the organization has now become increasingly important.
CISO Forum: What is the one strategic shift CISOs in BFSI must make now to stay ahead of AI-driven and human-centric cyber threats?
Bikramdeep Singh: Yeah, I think one of the key things — and most CISOs are already leveraging this or thinking about it — is being open to understanding that the current security posture will not hold ground in a changing environment. The longer they take to accept that, the more exposed they become to incoming attacks, and it will always be a tougher position to defend from.
The second piece is — if you don’t know where your PII data is, it becomes even tougher to put guardrails around your agents, because even if you don’t know, the agents or the AI running within the organization do know where the data resides.
And the third is — as we have long emphasized, you should know where your data is residing, where your PII data is. You should know which agentic and AI tools within the organization are being deployed and used by your employees, and proactively put guardrails around them rather than reactively. If you are not doing that, then you are not ready to provide the level of security that the bank may require.
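The first answer above notes that bank DMARC deployments have tended to sit in monitor mode (p=none) and are only now moving to a stricter posture. The following is an editor's added example, not code from the interview, Proofpoint, or any bank: a small Python triage helper that parses a DMARC TXT record and classifies its enforcement level, flagging the common half-measures a defender should look for (p=none, a partial pct, sp=none leaving subdomains unprotected, no aggregate reporting address, relaxed alignment). The sample records and the `example.invalid` addresses are constructed for the demonstration.

```python
"""Assess the enforcement posture of a DMARC TXT record (RFC 7489 tag syntax)."""

# Constructed sample records for the demonstration; none belongs to a real domain.
SAMPLE_RECORDS = {
    "monitor-only": "v=DMARC1; p=none; rua=mailto:dmarc-reports@example.invalid",
    "partial-quarantine": "v=DMARC1; p=quarantine; pct=25; rua=mailto:dmarc-reports@example.invalid",
    "enforced": ("v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s; "
                 "rua=mailto:dmarc-reports@example.invalid; ruf=mailto:dmarc-forensic@example.invalid"),
    "enforced-but-lax-subdomains": "v=DMARC1; p=reject; sp=none",
    "malformed": "p=reject; v=DMARC1",  # 'v' must be the first tag
}


def parse_dmarc(record):
    """Split 'tag=value; tag=value' into a dict with lower-cased tag names.

    Raises ValueError when a tag lacks '=' or when the record does not start
    with v=DMARC1, which RFC 7489 requires to be the first tag.
    """
    tags = []
    for part in record.split(";"):
        part = part.strip()
        if not part:
            continue
        if "=" not in part:
            raise ValueError(f"malformed tag: {part!r}")
        key, value = part.split("=", 1)
        tags.append((key.strip().lower(), value.strip()))
    if not tags or tags[0] != ("v", "DMARC1"):
        raise ValueError("record must begin with v=DMARC1")
    return dict(tags)


def is_valid_dmarc(record):
    """True when the record parses; used for quick validity checks."""
    try:
        parse_dmarc(record)
        return True
    except ValueError:
        return False


def assess_dmarc(record):
    """Return (level, findings).

    level is 'monitor' (p=none), 'partial' (pct below 100) or 'enforced'.
    findings lists the weaknesses a reviewer would raise; empty means clean.
    A missing 'p' is treated as none for triage purposes (an assumption).
    """
    tags = parse_dmarc(record)
    findings = []

    policy = tags.get("p", "none").lower()
    if policy not in ("none", "quarantine", "reject"):
        raise ValueError(f"unknown policy {policy!r}")

    pct_raw = tags.get("pct", "100")
    if not pct_raw.isdigit() or not 0 <= int(pct_raw) <= 100:
        raise ValueError(f"invalid pct {pct_raw!r}")
    pct = int(pct_raw)

    # Subdomain policy defaults to the domain policy when 'sp' is absent.
    subdomain_policy = tags.get("sp", policy).lower()

    if policy == "none":
        level = "monitor"
        findings.append("p=none: receivers take no action on failing mail")
    elif pct < 100:
        level = "partial"
        findings.append(f"pct={pct}: only {pct}% of failing mail receives policy {policy}")
    else:
        level = "enforced"

    if subdomain_policy == "none" and policy != "none":
        findings.append("sp=none: subdomains remain unprotected")
    if "rua" not in tags:
        findings.append("no rua: aggregate reports are not being collected")
    # Alignment defaults to relaxed ('r') for both DKIM and SPF.
    if tags.get("adkim", "r").lower() == "r" and tags.get("aspf", "r").lower() == "r":
        findings.append("relaxed alignment (adkim/aspf=r): organizational-domain match suffices")

    return level, findings


if __name__ == "__main__":
    for name, record in SAMPLE_RECORDS.items():
        if not is_valid_dmarc(record):
            print(f"{name}: INVALID record")
            continue
        level, findings = assess_dmarc(record)
        print(f"{name}: {level}")
        for finding in findings:
            print(f"  - {finding}")
```

Running the script over the constructed records shows the progression the interview describes: the monitor-only record is classified `monitor`, a `pct=25` quarantine is `partial`, and only the fully strict record comes back `enforced` with no findings. In practice the record would be fetched from the `_dmarc.<domain>` TXT entry and the output fed into a change-tracking report rather than printed.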