As enterprises accelerate digital transformation across cloud, AI and data driven platforms, industry leaders are calling for a fundamental shift in how organisations approach data privacy. From boardrooms to engineering teams, privacy is increasingly being positioned as a core business imperative tied to trust, resilience and long term growth. Industry leaders are now emphasising on privacy by design this Data Privacy Day.
Rizwan Patel, Global Head of Cloud, InfoSec, and Emerging Technologies at Altimetrik, highlighted how privacy has moved into the centre of enterprise strategy: “Enterprise data privacy has become a board-level priority as digital platforms, cloud adoption, and AI-driven operating models reshape how value is created. Data sits at the core of revenue growth, ecosystem partnerships, and business resilience, making privacy by design a strategic requirement rather than a technical afterthought. Trust now functions as a business currency, determined by how responsibly organisations govern data across its lifecycle. India’s data-centric digital economy further elevates the stakes. Platforms built on India Stack and rapid enterprise AI adoption expand the attack surface and intensify exposure to misuse, leakage, and systemic risk. The Digital Personal Data Protection Act reinforces fiduciary accountability, consent discipline, and breach readiness, setting a higher bar for enterprises operating at scale. Compliance alone does not deliver confidence or differentiation. Market leaders are embedding privacy engineering into product development (PDLC) and software delivery (SDLC) lifecycles, supported by identity controls spanning human, machine, and emerging agentic identities. At Altimetrik, we integrate automation-driven governance, threat detection, identity and access management, observability, and responsible AI practices into core architectures. This enables organizations to protect data rights, sustain innovation velocity, and strengthen trust in an environment where technology amplifies both opportunity and risk.”
Also read: Data Privacy and Control in Digital Hiring Platforms – The Next Frontier of Trust
Echoing similar concerns, Chetan Jain, Cofounder and Managing Director at Inspira Enterprise, pointed to the rising cost of inaction: ”With a steep spike in data breaches and privacy violations, businesses have to protect the sensitive data of their customers and proprietary information for operations to avoid massive financial losses, customer churn, and reputational damage. At Inspira, we build a robust and tailored data privacy strategy, enabling organizations to proactively address privacy risks, satisfy regulatory requirements, and demonstrate commitment to privacy to all stakeholders. Furthermore, we provide customized recommendations to balance data privacy with business needs. The global celebration of Data Privacy Day on January 28 every year is a reminder for businesses to dedicate themselves to implementing robust data privacy policies to safeguard customer trust and ensure compliance while making provisions for future changes.”
Rahul S Kurkure, Founder and Director at Cloud.in, emphasised the shared responsibility that comes with cloud adoption: ”As Indian enterprises accelerate their shift to cloud-first and AI-driven environments, they benefit from greater agility, scalability, and cost efficiency. However, this transition also increases data privacy risks due to the shared nature of cloud infrastructure. Data Privacy Day is a timely reminder that organizations must clearly understand and own their responsibilities within the shared responsibility model—especially as sensitive data moves across platforms, partners, and borders. Privacy cannot be treated as a compliance exercise alone; it must be embedded by design into cloud architectures without weakening security or operational performance. At Cloud.in, we focus on building privacy-driven cloud architectures that help Indian organizations establish digital trust, meet evolving regulatory expectations, and support long-term, sustainable growth.”
From a data protection and resilience standpoint, Balaji Rao, Area Vice President, India and SAARC at Commvault, noted that privacy readiness now directly impacts competitiveness: “Data Privacy Day 2026 highlights a hard truth for enterprises operating in a cloud-dominated economy. Data privacy now defines operational credibility, regulatory readiness, and long-term competitiveness. As India advances its data-centric digital ecosystem, privacy by design has moved from principle to performance requirement across SaaS platforms, multi-cloud environments, and AI-driven workflows. The Digital Personal Data Protection Act further reinforces this shift by requiring continuous accountability across the data lifecycle. Regulatory readiness depends on real-time visibility, policy-driven governance, and resilient recovery in environments where data and identities are highly distributed. Identity resilience plays a critical role by enabling real-time visibility, response, and recovery across identity providers, ensuring uninterrupted access while limiting exposure and operational risk. Today, nine out of ten attacks target identity systems like AD because they control access to data, systems, and applications
Enterprises that architect privacy and resilience directly into cloud data platforms establish a durable foundation for compliance and business continuity. Data protection strategies must evolve at the same pace as digital transformation. Organizations that operationalize privacy at scale will set the benchmark for trust, resilience, and responsible growth in India’s digital economy.”
Reuben Koh, Director of Security Technology and Strategy at Akamai Technologies, drew attention to the speed at which threats now move in an AI-driven environment: “In 2026, Data Privacy Day is a reminder that in an AI-driven world where data is the new precious commodity, privacy continues to be a critical and continuous responsibility. As data moves across cloud platforms, APIs, and intelligent systems at machine speed, our ability to discover and secure data must move even faster. At Akamai, we know this starts with deep visibility and granular network segmentation to effectively shrink the blast radius of any breach. Real-time threat intelligence also provides organizations with an edge to stay ahead of evolving cyber threats. By embedding privacy-by-design into AI deployments and leveraging automated, distributed defenses, organizations can innovate at speed and maintain consumer trust, while navigating an increasingly sophisticated threat landscape.”
Ranga Jagannath, Senior Director, Growth at Agora, focused on the intersection of real time engagement and user trust: “As technologies like AI, IoT, and Real-Time Engagement redefine the way we interact, the volume of personal data being generated is enormous. While this volume of data promotes innovation, it also poses significant risks to individual privacy and security. The challenge today is not only about compliance but about building a digital ecosystem where privacy is an intrinsic part of every user connection. Businesses must adopt privacy-by-design principles, ensuring that data protection is an integral part of their solutions. This includes implementing secure APIs, end-to-end encryption, and adhering to the highest standards of transparency and user control. However, meeting these standards requires more than just regulatory compliance. It requires proactive measures to stay ahead of emerging threats and an unwavering commitment to privacy. Looking ahead, the key to a trusted digital world lies in balancing innovation with responsibility. As real-time engagement technologies continue to evolve, protecting privacy will be crucial for fostering trust and ensuring a safe, secure digital experience for all. At Agora, we are committed to building this future, where innovation and privacy go hand in hand, delivering seamless and secure digital interactions globally.”
From the financial services lens, Anuj Khurana, Co-founder and CEO at Anaptyss, warned of rising financial exposure linked to privacy failures: “In an increasingly digital world, data privacy has moved beyond being a compliance checkbox to becoming a core business and risk imperative with direct financial impact. In 2025, the average cost of a data breach has risen to approximately USD 4.4 million, with financial services institutions facing even higher exposure often exceeding USD 5.5 to 6.0 million per incident given the sensitivity of their data and the complexity of their ecosystems. Across the global BFSI landscape, threat vectors continue to evolve. Phishing and supply-chain compromises remain persistent drivers of breaches, but a newer and fast-emerging risk is the ungoverned use of AI, often referred to as ‘Shadow AI’. In India, Shadow AI already ranks among the top three contributors to breach costs, underscoring a broader global trend where the pace of AI adoption is outstripping security, governance, and regulatory controls. At Anaptyss, we see this convergence of data privacy, cybersecurity, and financial crime risk as a defining challenge for the industry. BFSI organizations can no longer afford to manage privacy, compliance, and financial crime controls in silos. Modern risk and compliance architectures must be engineered with privacy-by-design at their core embedding data classification, lineage and provenance tracking, access governance, model explainability, and lifecycle management directly into AML, fraud detection, and risk analytics platforms.
By aligning data governance with real-time risk intelligence and resilient operating controls, financial institutions can not only reduce privacy breach exposure but also strengthen their defenses against financial crime. On this Data Privacy Day, the message is clear: responsible data and AI governance is no longer optional it is foundational to trust, resilience, and sustainable innovation in the financial services ecosystem.”
Dipesh Kaura, Country Director India and SAARC at Securonix, stressed visibility and control as the foundation of privacy: “Data Privacy Day is a clear reminder that privacy is only as strong as your ability to see and control who touches your data. Protecting sensitive information means continuously monitoring access, understanding behavior, and stopping misuse before it becomes a breach. At Securonix, our Unified Defense SIEM with agentic AI unifies advanced behavioral analytics, curated threat intelligence, and autonomous response to reduce risk, accelerate investigations, and keep critical data secure. By enabling proactive detection and rapid response at scale, we help organizations safeguard sensitive information, maintain compliance, and preserve trust in an increasingly complex digital world. On Data Privacy Day, the real question every organization must answer is simple: do you truly know who has your data and can you prove it?”
Venkat Sitaram, Senior Director & Country Head ISG (Infrastructure Solutions Group) – Dell Technologies India, said: “Dell Technologies’ recent work with the Cyber Security Association of India highlights a growing resilience debt across enterprises, where perceived readiness often masks real gaps in recovery capability. On Data Privacy Day 2026, it is important to recognise that privacy and recovery are deeply connected. As cyber incidents grow more sophisticated, the real test for organisations is not just preventing breaches, but ensuring they can recover quickly from clean, trusted data. Building cyber resilience through isolation, immutability and intelligent recovery is no longer optional. It is essential to protecting data integrity, maintaining trust and safeguarding business continuity in a digital-first India.”
Sandeep Bhambure, Vice President and Managing Director India and SAARC at Veeam Software, concluded by highlighting resilience as a privacy imperative: “This Data Privacy Week is a timely reminder that data control is at the heart of trust, resilience, and safe AI adoption. As cyber threats grow more sophisticated, an organisation’s ability to govern, protect, and recover its data is becoming just as critical as its ability to secure it. Trusted, well-managed data is the bedrock for regulatory confidence, operational continuity, and responsible AI innovation. Veeam’s latest ransomware research underscores this urgency with 69 percent of impacted organisations experienced multiple attacks in a single year, and 90 percent had their backups targeted. This highlights how fragmented visibility and weak data governance leave businesses dangerously exposed. Without clear oversight of where data resides, how it is protected, and how quickly it can be restored, organisations risk not only breaches but prolonged and costly disruptions. In India, with the Digital Personal Data Protection Act now in effect and further regulatory changes ahead, businesses must move beyond reactive cybersecurity. They need to embed data control, governance, and resilience into their core strategies. Ensuring data is secure, compliant, and recoverable is no longer optional it is essential for responsible AI adoption and long-term business success.”
