Technology, Media & Telecommunications

Amid growing economic uncertainty and the ever-evolving geopolitical landscape, the role of Chief Information Security Officer (CISO), in general, and within the Technology, Media, and Telecommunications (TMT) sector, in particular, has become quite complex and demanding. The proliferation of smart, connected devices powered by Internet of Things (IoT) has not only expanded the attack surface but also triggered a shadow technology environment, which adversaries are exploiting using increasingly sophisticated tactics such as deep fakes and polymorphic malware. CISOs must navigate these complexities while safeguarding critical data and staying ahead of cyber attackers.

CISOs in organisations across various TMT subsectors are at forefront of addressing the constantly emerging threats, evolving global regulatory compliance requirements and emerging risks due to rapid adoption of digital technology. Many are recognising the importance of positioning their work as a matter of building and maintaining trust, rather than solely satisfying regulatory compliance obligations, as cyber security is becoming a critical element in the products and services offered by the TMT industry. This dynamic has a direct impact on an organisation's revenue, profits, and reputation, thus requiring today’s CISOs to speak the language of business and engage more directly with C-suite colleagues to justify the need for ongoing funding and resources.

TMT subsectors have similar business drivers and multiple synergies which has led to boundaries becoming blurred. However, at the same time, each of these subsectors has unique security challenges. For example, technology services priorities include regulatory compliance, supply chain risk management, and mitigating human risk. On the other hand, software as a service (SaaS) providers are focusing on platform resilience and artificial intelligence (AI) security to protect global operations and reputation. Proactive measures specific to these imperatives are essential. Indeed, according to ��㣨Leyu�� research, 55 percent of TMT CEOs cite cybersecurity as their top overall challenge.¹��For many CISOs, taking a proactive and strategic approach to cybersecurity is crucial to staying ahead of potential threats in today’s environment and also position it as competitive differentiator.

To enhance their defensive posture, many CISOs across TMT are increasingly relying on automation and AI to help bridge gaps left by traditional manual processes and bolster overall security frameworks. Utilising a centralised platform to consolidate multiple tools and processes into a cohesive system is a key strategy for managing alert fatigue, improving decision-making and mitigating risks more effectively. Ensuring resilience is another key area that CISOs are focused upon and newer strategies around data security (specifically with heavy adoption of AI), cloud-based recovery environments, and newer innovative methods are gaining traction, as well.

This report explores cybersecurity considerations for the TMT sector. It provides an in-depth analysis of prevalent challenges, emerging strategies, and the evolving roles of CISOs. It aims to equip security leaders with the knowledge and tools necessary to enhance their efforts, build trust and pursue resilience in a fast-changing digital landscape.

Key cybersecurity considerations for TMT companies in 2025

Embed trust as AI proliferates
Platform consolidation: Embrace the potential but recognise the risks
Resilience by design: Cybersecurity for businesses and society

Embed trust as AI proliferates

While AI becomes increasingly embedded in business operations, many cyber leaders are focused on ensuring that security and privacy implications are appropriately factored in. Other stakeholders also continue to be apprehensive about data use and access issues. Nevertheless, these concerns need to be balanced against the potential of AI to enhance productivity across various organisational functions. In general, sector CEOs believe that AI (both generative and agentic) has the potential to benefit the industry through increased innovation, workforce enablement, fraud detection, and response to cyber-attacks. Reflecting this optimism, ��㣨Leyu�� research has found that 78 percent of TMT sector CEOs cite Gen AI as a top investment priority. Meanwhile, 66 percent believe that ethical concerns are the biggest barrier when implementing Gen AI.²

The TMT sector is associated with constant development of AI technology, which is intended to add value across the wider global economy. This is also becoming a driving force for TMT companies to be at forefront of adoption of AI for their own products, services and processes. To increase acceptance and mitigate risks, it is crucial to work to embed security and, broader trust into AI systems from the outset. By proactively addressing these elements during development, organisations can avoid the costly pitfalls of retrofitting security measures or facing regulatory consequences and reputational damage following an incident. Having trust as a fundamental element of the AI development framework will significantly influence the successful adoption and long-term viability of AI-driven products and services.

Key challenges

Bias in AI systems

Biases that develop during data collection, model training, or deployment can lead to discriminatory practices. These biases present legal and reputational risks.

Striving to ensure transparency and explainability

Complex AI models, particularly deep learning systems, can often be opaque. Transparency in decision-making is especially important for mission-critical processes.

Ethical data use and privacy

Privacy and security issues arise from AI's dependence on vast data. Global regulations like the EU’s General Data Protection Regulation (GDPR), the Digital Personal Data Protection (DPDP) Act in India, multiple US laws, including CCPA, and various other regulations across the globe �� in particular in Canada, Australia, China, Japan, South Africa etc. �� demand responsible data management, requiring AI systems to secure and transparently use personal data.

��

Data security

TMT companies handle vast amounts of personal and sensitive data. Ensuring AI systems are not prone to security risks that could expose the data to unauthorised access and exposure is a top challenge.

Key opportunities

Promote AI solutions across sectors

TMT sector CISOs can enhance AI adoption by working closely with development teams to embed trust principles in these products. Key opportunities exist in healthcare, financial services, and manufacturing for AI services such as predictive analytics and fraud detection.

Adopt responsible AI practices

Leading technology and telecommunications companies can gain a significant “halo effect�� by establishing responsible AI frameworks that ensure fairness, transparency, and accountability across all operations.

Establishing resilience in an AI-powered digital world and fostering trust in the digital ecosystem are global strategic priorities. Enterprises must implement robust cybersecurity and trust frameworks as they integrate AI and its associated capabilities into their broader business strategies. By maintaining a continued focus on AI innovation and enhancing communication with stakeholders at all levels, TMT organisations can further strengthen trust and drive responsible adoption.

Platform consolidation: Embrace the potential but recognise the risks

Organisations are rethinking their technology stack as they seek to reduce complexity and costs. This trend extends to security technologies, where a shift from best-of-breed solutions to more unified platforms is gaining momentum. Historically, while this approach prioritised leading security , it also created a need to manage engineering, which encompasses numerous disparate skills, across multiple tech platforms. This can lead to difficulty in integrating systems and, ultimately, higher costs. In the current environment, with the advent of cloud-based cyber platforms, CISOs must devote increased mindshare to the adoption of platforms to drive efficiency and productivity.

The move toward platform consolidation is rooted in a desire for streamlined operations, lower costs, and more efficient management. However, it could also be considered a factor in the creation of new challenges, such as concentration risk and vendor lock-in, where dependence on fewer vendors can expose vulnerabilities and limit flexibility. Navigating these trade-offs requires strategic planning and a deep understanding of the cybersecurity landscape to help ensure simplification does not come at the expense of security or long-term adaptability.

Key challenges

Integration complexity

Merging disparate platforms, technologies and services from different vendors can be technically complex, multiplying the skills and knowledge CISOs need to have in their organisation. Other complexities include harmonising different software architectures, data formats, and user interfaces, which can lead to compatibility issues.

Regulatory and compliance challenges

In many jurisdictions, platform consolidation can trigger greater regulatory scrutiny, particularly regarding antitrust laws, data privacy, and intellectual property rights. The process may require approval from multiple regulatory bodies, which can delay or complicate consolidation efforts.

Vendor lock-in

Another significant risk is the lack of flexibility and choice if an organisation becomes too tightly bound to a single vendor or a small group of vendors. Long-term contracts may hinder future options, and a lack of vendor innovation may negatively impact security.

Data management and security

Managing data across consolidated platforms is a complex task, especially when different platforms have varying data storage formats, security protocols, or privacy policies. Ensuring data integrity and security post-consolidation is a key challenge.

Key opportunities

Enhanced innovation

By consolidating resources and technologies, businesses can pool their innovation capabilities and focus on developing new products and services with advanced features that leverage the strengths of the combined platforms.

Better data insights

Aggregated data from various sources can provide a more comprehensive view of customer needs. This consolidated information can be used for improved analytics and enhanced decision-making.

Flexibility and scalability

Consolidating platforms can enable companies to more easily adapt to changes in demand, trends, and external conditions and implement new thinking and processes broadly across the value chain.

Enhanced security

A centralised platform can lead to improved security and compliance through standardised security and data privacy protocols.

TMT organisations are increasingly aware of the importance of platform consolidation for their cybersecurity needs, with many shifting toward comprehensive security platforms to streamline their operations. By adopting a strategic approach that includes talent development and careful vendor management, organisations can optimise their cybersecurity posture while mitigating associated risks.

Resilience by design: Cybersecurity for businesses and society

The TMT sector is integral to the functionality of critical infrastructure in today’s highly connected world. Without a robust plan for strengthening cyber resilience, the consequences of attacks can be far-reaching, affecting essential services and, in some cases, overall societal stability. Therefore, preparing for the full impact of potential critical infrastructure attacks is essential for ensuring both organisations and the broader community remain resilient in the face of evolving cyber threats.

Cyber resilience involves three key components: reducing the attack surface to lower the probability of an attack, quickly identifying and responding to incidents to minimise their impact and ensuring swift recovery. Effective cyber resilience is vital for organisational stability and ongoing security, particularly considering the increasing reliance on interconnected systems.

Key challenges

Sophistication of cyber-attacks

Cyber-attacks are becoming much more advanced, with threats like ransomware, DDoS (Distributed Denial of Service), AI-powered attacks, and state-sponsored schemes targeting critical infrastructure. TMT companies, especially in telecommunications and media, are prime targets because of their vital role in the flow of data and information.

Vast attack surface

The TMT sector's interconnected nature, with multiple adjacent devices, networks, cloud environments, and third-party services, creates a vast attack surface. This complexity makes it challenging to monitor, secure, and defend all potential entry points.

Complex supply chain security

TMT companies rely heavily on third-party vendors and partners. A breach or vulnerability in one of these external systems can compromise the entire infrastructure. Managing the security posture of the extended supply chain remains a critical area for long-term resilience.

Real-time threat detection and response

Given the high volume of data traffic and essential services provided by TMT companies, detecting and responding to cyber threats in real time is crucial. However, many companies struggle to implement adequate monitoring and response mechanisms because of the vast scale and complexity of their operations.

Evolving threat landscape

The nature of cyber threats is constantly evolving, with new attack vectors emerging regularly. TMT companies must continuously adapt their cybersecurity strategies to keep up with developing technologies such as 5G networks, IoT (Internet of Things), AI, and quantum computing, all which can introduce new and varied vulnerabilities.

Key opportunities

Investment in advanced cybersecurity technologies

Implementing leading cybersecurity technologies such as AI-driven threat detection, machine learning, and blockchain for secure transactions and data integrity can help improve the speed and accuracy of threat identification and response.

Partnerships and collaboration

TMT companies are encouraged to collaborate with government agencies, cybersecurity firms, and other industry players to share threat intelligence and best practices and develop joint solutions. These partnerships can strengthen the industry's collective resilience and lead to better protection across critical infrastructure.

Resilient infrastructure development

Designing and building resilient, redundant, and efficiently distributed infrastructure to help minimise the impact of cyberattacks should be a key CISO objective. Tech companies can leverage the power of cloud technology to enhance resilience.

Regulatory compliance and risk management

As regulations around data protection and cybersecurity become stricter, TMT companies can offer tools and services that help other organisations stay compliant. Thus, TMT companies can establish themselves as trusted leaders in cybersecurity.

CISOs across the TMT spectrum should adopt a proactive approach to cybersecurity and resilience. Advanced threat detection systems, comprehensive employee training, regular security audits, collaboration with third-party providers, and the development of robust recovery and continuity plans will all continue to be essential. By addressing challenges proactively, organisations can strengthen their defences and enhance their overall security posture.

Real-world cybersecurity in TMT

The need for enhanced decision-making and operational efficiency places a spotlight on advanced data and analytics solutions.

��㣨Leyu�� India helped a global data and AI firm embark upon a cyber transformation journey to enhance its SOC using advanced cybersecurity technologies. This focus on modernisation included adopting a platformization approach, which significantly improved the organisation’s overall security posture and yielded substantial cost savings by consolidating licensing and streamlining procurement.

A platform-oriented approach successfully unified security operations, achieving comprehensive coverage with 90,000 events per second (EPS), over 200 detection rules, and more than 20 user and entity behavior analytics (UEBA) rules. This strategy also impacted incident response, enabling automatic correlation of alerts and logs, which led to quicker fixes and reduced incident response times.

Additionally, integrating a leading cloud security management application provided robust security for over 500 cloud accounts and more than 300,000 cloud resources, helping ensure robust security and continuous monitoring across hybrid and multi-cloud environments. Automating 10 distinct use cases and 65 playbooks further modernised incident response processes, enhancing efficiency and reducing response times.

��㣨Leyu�� India played a crucial role at all stages of this transformation, optimising resource utilisation and streamlining incident response processes. This work included transitioning playbooks from legacy systems to an automated cloud-based service—which saved the equivalent of approximately four full-time employees yearly—and integrating a generative AI-powered cybersecurity tool to improve threat response and compliance monitoring.

The successful transition to a next-gen SOC marked a significant milestone in the firm's cyber transformation journey. With the right approach, organisations can achieve significant improvements in security operations, ensuring a robust and compliant security posture while optimising resources.

Top priorities for TMT security professionals

Building trust in AI to enable increased adoption of AI technologies.

Sponsoring transformation programs to drive and build cyber resilience.

Enhancing decision-making through comprehensive visibility on cyber risks by adopting integrated platforms.

Shifting from reactive to proactive security strategies, including threat hunting and red teaming exercises.

How can ��㣨Leyu�� in India help

At ��㣨Leyu��, we bring extensive experience to help address the cybersecurity challenges faced by the TMT sector. Our professionals offer services such as cyber cloud assessments, privacy automation, third-party security optimisation, AI security, and managed detection and response. We can assist in ensuring cybersecurity programs are properly aligned with global regulations and business priorities.

By developing tailored digital solutions and implementing proactive cyber defense strategies, we help organisations move from a reactive to a proactive. This includes designing appropriate responses to cyber incidents and promoting a focus on trust and resilience. Our wide-ranging approach supports TMT organisations as they seek to swiftly identify threats, minimise impacts, and recover effectively. This helps them maintain the security and reliability of their critical infrastructures.

��㣨Leyu�� in India is a leading provider of Tax, and Advisory services to companies in the Indian Technology industry