AI In Cybersecurity: Rajesh Kumar C G On Balancing Innovation & Risk In India's Digital Transformation

Today, India is one of the most rapidly digitalizing countries in the world. As companies and government institutions integrate more and more digital solutions, the number of cyber incidents continues to increase. For example, according to Statista, more than 1.39 million cyber attacks were registered in India in 2022, which is 26 times more than five years earlier. Experts also point out that one of the main trends in recent years is the use of artificial intelligence by both attackers and defenders.

However, despite the active adoption of digital technology, most companies and government agencies are still in the early steps of integrating artificial intelligence into cybersecurity systems. As international experience shows, this is precisely where key risks and mistakes lie.

We spoke with Rajesh Kumar C G, founder and CEO of the Australian consulting company INOVITSI, about the specifics of these challenges and the most effective approaches to addressing them. With a Master's degree in Information Technology and Management from the University of Sydney and over 18 years of experience in cybersecurity, secure architecture design, and data management, Rajesh has led critical projects for government agencies and large corporations across Australia — highly relevant experience for India's rapidly expanding digital ecosystem and emerging cyber security environment.

AI is changing the game — but not always in favor of defense

"Today, we see AI being used to craft advanced phishing attacks, generate malicious code, and automatically exploit vulnerabilities in infrastructure. I mean, it's crazy when you think about it. Many companies have this false sense of security, believing that implementing a boxed monitoring system is enough to solve the problem. In practice, this is far from true," Rajesh notes, shaking his head slightly.

According to him, most organizations underestimate one crucial factor: AI systems are only effective when built on high-quality data and strategically integrated into the company's architecture rather than applied in isolated patches. The use of predictive models and machine learning requires constant data updates, close integration with business processes, and qualified personnel who understand how to interpret the algorithms' outputs.

"In one of our engagements involving a government environment, we encountered, you know, quite a bit of internal resistance — people feared automation, worried that AI would replace employees. But, on the contrary, and I've seen this time and again, properly implemented solutions free up resources and improve team efficiency, allowing them to focus on truly high value tasks," the expert shares from his personal experience.

Common mistakes organizations make

In Rajesh Kumar C G's view, organizations often make several typical mistakes when integrating AI into cybersecurity. One of the most common methods is a decentralized approach. Companies limit themselves to separate solutions without building integrated security architectures. In addition, personnel training is often lacking. Employees simply don't have the skills needed to analyze AI and this dramatically reduces the effectiveness of even the most advanced technologies. Furthermore, companies often ignore ethical aspects and cannot seem to develop transparent regulations for processing personal data and AI algorithms.

"Most corporations believe an AI implementation is a one-time project, while forgetting the long-term planning, education of the employee base, and frequent fine-tuning of the system. Without it, technology will be an expensive, but useless, asset," asserts C G emphatically. He points out that integrating modern AI tools into older systems is rarely straightforward. Legacy infrastructure brings technical roadblocks, and internal pushback is common. Another common mistake that he has observed time and again is overemphasizing the innovative factor while missing the elements of safety and regulatory compliance. He emphasizes the fact that each implementation has to enhance the flexibility of the organization without introducing fresh risks or disruptions.

Strategy: how to build sustainable protection

So how can businesses break free from these usual errors and create a stronger cybersecurity posture? Rajesh answers reflectively: "First, unified  architecture is required— the system has to span the whole ecosystem, not just components. Secondly, data — which I can't emphasize enough — AI only works if it gets high-quality, current information. Thirdly, training — businesses have to invest in the development of professionals with the capability not just to work with algorithms, but also to critically assess their outputs. Finally — ethics, transparency. Particularly in the public sector, the implementation of AI has to be complemented by rigid standards for the processing of private information."

At his company, INOVITSI, Rajesh was responsible for the development of security-oriented architecture designs for the government. These roles required filling the gaps between machine learning and monitoring mechanisms at all infrastructure levels — from the external perimeter of networks to the internal warehouses of information. One invention involved the development of predictive models that would analyze user activity and traffic flows online, identifying anomalies virtually upon their emergence.

Moreover, response processes had high automation levels: upon threat discovery, the system would automatically start containment processes and alert responsible personnel, minimizing human error and response time. Concurrently, Rajesh's team performed extensive legacy system audits and came up with pragmatic plans for upgrading and closing vulnerabilities.

That holistic approach significantly reduced the time it took to react to events and enabled faster patching of critical vulnerabilities ahead of exploitation by others. C G regularly makes the argument that the pursuit of the sweet spot — judiciously combining AI with automation while continuously tuning infrastructure for resiliency and scalability — is the key to long-term success.

Global standard as a reference point for India

Rajesh's profile details how these principles can be put into practice specifically: "A combination of technical expertise, planning, and problem-solving skills has enabled me to be successful. I've had to approach some exceedingly challenging scenarios with legacy system complexity, limited time windows, and security challenges that appeared herculean at first. Honestly, these challenges have simply enhanced my capacity for driving transformative cybersecurity and information work."

His work goes beyond the projects. Through mentoring, future scientific articles, and expert advising, Rajesh assists in the development of cybersecurity and regulatory technology transformation best practices. Of note, he participated in the review of the 2023–2030 Australian Cyber Security Strategy, wherein his commentary advanced national cybersecurity goal alignment and reflected his global-level expertise. His value was marked by the capability of assessing national policy from the perspective of cybersecurity and offering feedback based on real-world implementation expertise — only a smaller number of professionals are well-suited to make such a contribution.

He also led the solution architecture for the Broker Remuneration Review, a high-impact regulatory initiative that involved analyzing millions of home loan records. To address the complexity of the data, he developed a novel ETL framework that allowed continuous ingestion of spreadsheet-based submissions into a structured analytics platform — a solution tailored to regulatory data challenges. This custom-designed approach enabled uninterrupted, continuous agile data ingestion and analysis, and overcame limitations where traditional data processing tools would have failed miserably.

In addition, Rajesh has led security reviews and evaluations of at-risk departmental projects within Australian federal government agencies. Due to his high level of expertise and unique experience, he was often sought by senior leadership to assess project risks and implement turnaround strategies that enabled successful delivery. These interventions demonstrate his remarkable ability to introduce practical, original solutions under pressure and contribute strategic direction in high-stakes program environments.

He has authored three academic papers covering proactive cyber threat detection, the resilience of critical infrastructure to cyber warfare, and the strategic application of artificial intelligence in national cybersecurity. These papers — Methods of Proactive Detection of Cyber Threats Using Machine Learning, Enhancing the Resilience of Critical Infrastructure to Cyberwarfare Threats, and The Strategic Role of AI in Enhancing National Cybersecurity Frameworks — have been published in the International Journal of Scientific Engineering and Science (IJSES), the International Research Journal of Modernization in Engineering Technology and Science (IRJMETS), and the Asian Journal of Research in Computer Science (AJRCOS), respectively.

Rajesh Kumar C G was presented the 2025 Cases & Faces Award "Achievement in Technology Innovation" for the Cybersecurity special award, an acknowledgment of his leadership and achievements in the discipline. He also participated in the jury panel of the prestigious Globee Awards, an overseas program recognizing excellence in technology and business. He is also an IEEE Senior Member, one of the most renowned professional associations globally for technology and engineering, an achievement that speaks well of his capacity to solve cybersecurity issues not just throughout Australia but also elsewhere in emerging digital economies such as India.

As INOVITSI Founder and CEO since August 2022, Rajesh continues offering cybersecurity consulting services to the private and public sectors. Having had earlier stints with Senior Architecture Leadership roles, his expertise lies in the design of secure digital ecosystems — a skillset that is increasingly vital in regions like India, where digitization is taking place at breakneck speed, calling for scalable, consistent, and strong security infrastructure. His expertise also involves the assessment of cybersecurity projects and carrying out security design reviews in Australian federal government agencies with the aim of enhancing cybersecurity resilience and compliance.

Forecasts: what's next for cybersecurity

Rajesh emphasizes that over the next three to five years, cyber threats will become even more personalized and dynamic — thanks to the development of generative models. "We see how easy it is today to create phishing emails or deepfakes using neural networks. It's absolutely terrifying, if I'm being honest. Without building comprehensive analytics and training systems to detect anomalies in user behavior quickly, the consequences can be catastrophic. I've seen what can happen firsthand."

He also predicts increasing regulatory pressure globally, with countries like Australia, the United States, and those across Europe introducing regulations that hold company boards and directors accountable for cybersecurity breaches. As a result, organizations are implementing automated response systems and advanced analytics to strengthen their cybersecurity posture. Rajesh believes India will adopt similar standards in the coming years.

"My mission, and I believe it with all my heart, is safeguarding citizens and their information against cybercriminals, making sure that advances in technology craft a better tomorrow while safeguarding people and staying cyber smart," states Rajesh Kumar C G, underscoring the value of preventative security. "Adding AI to the field of cybersecurity is not the act of embracing new tools — it is the reengineering of the entire organizational mindset. Listen, if we are going to really secure India's digital destiny, we are going to need a national, unified strategy combining AI-based technologies with workforce education, ethical guidelines, and a comprehensive regulatory environment. My dream is one where cybersecurity becomes a cornerstone of digital trust, citizen security, and economic strength, enabling India to grow securely through the digital decades," C G concludes with conviction.

news