A surge in cybersecurity threats has prompted a range of top Indian companies to seek defence, Palo Alto Networks president William D Jenkins Jr. said, even as the world’s most-valued cyber security firm sees rising demand from the country’s millions of mid-tier corporates.
While artificial intelligence startup Anthropic’s latest Claude Mythos model remainsfor the public following orders from the US government, attackers may develop such tools shortly and lead to a rise in breaches, Jenkins said in an interview.
“India’s largest customers in banking, telecom and infrastructure are among some of our largest clients globally, and they are very mature in terms of cyber security. They take security very seriously, and three of our largest deals in our history in Asia are contracts we have with Indian clients,” the executive, known as BJ Jenkins in the professional circles, said.
Palo Alto Networks is among the 12 companies in Anthropic’s roped in to spot risks and solutions in Mythos algorithms. The company is the world’s largest standalone cyber security firm with a market cap of $235 billion, and has guided for $11.43 billion in revenue for its current fiscal, ending 31 July.
Threat surge
The company offers its products and services in India through two private subsidiaries, which cumulatively earned ₹1293.9 crore ($136.7 million) in FY25—accounting for 1.5% of its global revenue. In India, Palo Alto Networks has partnerships with Airtel Business, Tata Communications, Wipro and Tech Mahindra, besides others.
Palo Alto Networks has held the same number of customer meetings in three months as it did in all of 2025, but it has found five times more vulnerabilities in corporate IT systems as before since Claude Mythos released, said Jenkins, who led cyber security firm Barracuda Networks as its chief executive for nine years before joining Palo Alto Networks in 2021.
“Mythos comes at a heavy cost of over $1 million every week to just run it at scale and find vulnerabilities. But, there’s no denying that in three to 12 months, we’ll see cyber attackers also have similar tools in their hands. You’ll see more breaches, and this is translating companies from human-level thinking for cyber security, to machine-level adoption of cyber security,” Jenkins said at the company’s Santa Clara headquarters in California.
This is a key reason why Jenkins believes that the company’s India presence will grow sharply, as small and mid-sized businesses start widely adopting cyber security programmes.
“There are many security companies trying to provide for smaller firms at reasonable monthly prices, which eases the capital burden of setting up an in-house security team. AI is increasingly pushing such small businesses to take cyber security seriously, which is why it is a big growing part of our India strategy. The growth will come from millions of small businesses. In the next three years, while we continue to serve the largest corporations in India, we’ll invest a lot to find local service providers and partners,” Jenkins added.
On 12 June, how top global cyber security companies are increasingly focusing on internet-facing small businesses in the country as AI threats rise. A key part of this, Jenkins said, is India’s technology regulation approach, making it a market where tech adoption is more than optional.
Indian regulations
“The Indian government is very active in technology regulations. When I look at financial services, where we have lots of customers, the rules are strong. In our global products, India’s tech regulations are among the strongest in financial reporting, resilience and sovereignty that we have to take into account. That, though, is good—they make financial institutions adhere to regulated standards. That gives us an advantage as the market is growing in scale to meet the regulations. We also see good public-private partnerships in India in cyber security, which makes our presence there more relevant,” he added.
“I don’t see India as behind in any way—in many ways, the regulations are helping the Indian industry evolve forward in cyber security.”
Local regulations, coupled with Anthropic’s Mythos-led cyber security fears, has fuelled the company to find more business in a quarter than it did in all of last fiscal, Palo Alto Networks’ chief Nikesh Arora told brokerages and analysts in its post-earnings call earlier this month. On 2 June, Arora said that the company has “held 800 client meetings and has 400 more pending in 12 weeks—that’s the number of meetings we had all of last year.”
Concerns over Mythos, however, remain as access to its latest iteration was restricted by the US government globally. As talks to restore its commercial access resurface, Jenkins said that governments worldwide, including India, evaluating private AI models may be good for the industry.
“However, it’s important to not over-regulate the industry—though a 30-day early oversight window may not kill competitive advantages, and also answer security risks in frontier AI,” he said.