In this exclusive interview, Ajay Kumar Joshi explains why cyber threats facing Indian SMBs go far beyond ransomware, with phishing, web attacks, and credential theft emerging as major risks. He also shares how AI-powered, cost-effective security and managed detection services are helping businesses strengthen resilience, improve visibility, and stay ahead of evolving cyberattacks.
IT Voice- ESET’s study shows 88 percent of Indian SMBs faced cyber incidents this year. Which types were most common beyond ransomware?
Ajay Kumar Joshi – ESET’s SMB Cybersecurity Report shows that ransomware is only the visible tip of the iceberg for Indian SMBs. Web‑based intrusions, phishing and credential theft, and malware delivered through everyday tools such as email and browsers are reported just as frequently.Phishing remains the single most prevalent entry point, often disguised as invoices, HR updates, or payment notifications that trick employees into sharing credentials or clicking on malicious links. Coverage of this report underscores how exposed Indian SMBs feel and how often incidents stem from basic lapses rather than sophisticated breaches.
Web attacks targeting unpatched websites, exposed cloud services, and reused credentials have also grown as SMBs move more of their operations online.What the data tells us is simple: Indian SMBs are being hit across the entire kill chain, from initial phishing and web exploits to data theft and business email compromise, not just headline‑grabbing ransomware. That is why investments cannot focus on a single threat type; SMBs need layered protection that covers endpoints, email, identity, and cloud, backed by continuous employee awareness.
IT Voice- For SMBs without dedicated IT teams, which cost-effective cybersecurity measures should be prioritised for 2026?
Ajay Kumar Joshi – For SMBs without a full‑fledged IT team, the priority for 2026 should be to get the basics right, consistently, rather than chase every new buzzword. The first pillar is strong identity and access hygiene: enforcing multi‑factor authentication for email, banking, and critical business applications, along with unique, complex passwords managed through a password manager. This alone can dramatically cut the risk of phishing and account takeover.The second pillar is modern, cloud‑delivered endpoint protection with built‑in detection and response capabilities, managed by a trusted partner or service provider instead of an in‑house SOC.
This model lets SMBs benefit from advanced detection, AI‑driven analysis, and 24×7 monitoring at a predictable cost, as reflected in offerings such as ESET’s AI‑powered MDR service for India. Regular patching of operating systems, VPNs, and business applications, combined with secure configuration of cloud services, is equally critical, since unpatched vulnerabilities remain one of the top success factors for attacks on SMBs.Finally, even small businesses must invest in simple, recurring cyber awareness training for staff, focused on phishing, safe use of email, and reporting suspicious behaviour quickly. At ESET, the approach is to package these layers into integrated, right‑sized solutions so that SMBs can raise their security maturity without needing large teams or complex tools.
IT Voice- How has AI strengthened defensive capabilities for organisations using modern security stacks?
Ajay Kumar Joshi – AI has become a core part of how modern security stacks detect, prioritise and respond to threats in real time. For organisations using contemporary endpoint, EDR and MDR solutions, AI models analyse vast volumes of telemetry – from process behaviour to network patterns – to identify anomalies that would be impossible for humans to spot quickly. The ESET Threat Report portal and the detailed H1 2025 Threat Report highlight how this behavioural approach surfaces stealthy attacks like infostealers and living‑off‑the‑land techniques.
AI also improves the signal‑to‑noise ratio. Instead of overloading stretched IT teams with thousands of low‑value alerts, AI‑driven analytics can correlate events and highlight a smaller number of high‑risk incidents for focused investigation. Combined with automation, this allows security teams or managed providers to contain threats faster – for example, by isolating endpoints or blocking malicious processes within minutes.For Indian organisations, especially SMBs, the real benefit is access to enterprise‑grade detection without needing to build a large in‑house security operation. ESET has invested heavily in leveraging AI across its detection engines and MDR offerings for India so that customers gain from global intelligence, behavioural analysis and expert response in a unified way.
IT Voice- What factors led to the surge in HTML and FakeCaptcha scams, and how was the campaign disrupted?
Ajay Kumar Joshi – The surge in HTML and FakeCaptcha scams was driven by a clever abuse of something users see every day: CAPTCHA and “I am not a robot” checks. As highlighted in the ESET H1 2025 Threat Report and supporting analyses, attackers used fake verification pages and pop‑ups that instructed victims to copy and run commands or download files, which then installed infostealers and other malware on their devices. As more services adopted CAPTCHA‑style flows, users became conditioned to comply, making this social engineering technique highly effective.
ESET’s telemetry recorded a sharp spike in detections of these HTML/FakeCaptcha or ClickFix‑style attacks between late 2024 and the first half of 2025, making them one of the most common intrusion vectors globally for a time. The campaigns often targeted Windows, Linux and macOS users alike, aiming to harvest credentials and sensitive data at scale.The turning point came when law enforcement and security researchers disrupted key malware‑as‑a‑service operations behind these campaigns. ESET contributed by tracking the infrastructure, improving detection rules and sharing threat intelligence, as described in its Threat Report hub, which collectively led to a dramatic collapse in FakeCaptcha activity in the second half of 2025.
IT Voice- How has AI changed both attack methods and defence strategies for Indian businesses this year?
Ajay Kumar Joshi – In 2025, AI has reshaped both sides of the cybersecurity equation for Indian businesses. On the offensive side, threat actors are using AI to generate more convincing phishing emails, automate reconnaissance and fine‑tune malware to evade traditional signature‑based tools, a trend discussed in detail during ESET Security Days and related coverage of AI‑driven cyber risks in India. This has contributed to the rise in targeted ransomware and credential‑theft campaigns, even as overall threat volumes in India show a modest decline.On the defensive side, AI is now deeply embedded in advanced detection and response, helping security tools learn normal behaviour across endpoints, identities, and cloud workloads, and then flag subtle deviations.
For Indian organisations with lean teams, AI‑driven MDR services are particularly impactful because they combine global threat intelligence, behavioural analytics, and human expertise into a single, managed offering, as reflected in ESET’s AI‑powered MDR service for India.The net result is an arms race: AI has made attacks faster, more personalised and harder to spot with legacy controls, but it has also given defenders new capabilities to detect, contain, and recover from incidents much more quickly. ESET’s focus is to ensure that Indian businesses , from SMBs to large enterprises, can harness AI on the defensive side without adding complexity or operational overhead.
