Cybersecurity Governance and Corporate Legal Responsibility in India

Abstract

The rapid digital transformation of businesses in India has amplified concerns regarding cybersecurity and corporate accountability. As corporations increasingly depend on digital infrastructure, cloud technologies, and data-driven operations, the risks of cyberattacks, data breaches, and unauthorized access have grown exponentially. Cybersecurity compliance has thus emerged as a crucial component of corporate governance and risk management. In India, the legal framework governing cybersecurity is primarily anchored in the Information Technology Act, 2000 and its subsequent amendments, along with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011. These laws impose obligations on corporate entities to ensure data protection, adopt secure systems, and report incidents of data compromise. However, the evolving cyber threat landscape and the rise of sophisticated attacks, such as ransomware and phishing, have revealed significant gaps in compliance enforcement and corporate preparedness. The recently enacted Digital Personal Data Protection Act, 2023 further strengthens corporate duties by emphasizing consent-based data processing, data fiduciary responsibilities, and financial penalties for non-compliance. Corporate liability now extends beyond reputational harm to include administrative and criminal consequences under Indian law. This paper examines the interplay between cybersecurity compliance and corporate liability, analysing how organizations can integrate legal, technical, and ethical safeguards to achieve digital resilience. It argues that proactive compliance through risk assessment, employee training, and data governance frameworks is essential for mitigating liability and fostering consumer trust. Strengthening regulatory enforcement, promoting transparency, and encouraging cyber literacy among corporate actors are key to ensuring India’s secure digital future.