India's Ministry of Electronics and Information Technology (MeitY) has instructed government ministries to delay the use of AI models from OpenAI and Anthropic for cybersecurity purposes, reflecting a cautious stance amid evolving cybersecurity threats and data confidentiality concerns.

  • MeitY instructs ministries to halt AI model deployment in cybersecurity
  • CERT-In warns of increased cyberattack risks from advanced AI
  • Government tightens rules on unapproved external AI tools

What happened

The Ministry of Electronics and Information Technology (MeitY) issued an advisory asking ministries to refrain from deploying AI models developed by OpenAI and Anthropic for cybersecurity and related government functions. This announcement came shortly after representatives from both companies engaged with multiple government departments suggesting the use of their AI solutions in official operations.

The directive is part of a broader government effort to limit the use of external AI platforms on official devices, especially for processing or sharing confidential and sensitive data. Internal communications across agencies have emphasized restrictions on unapproved AI tools to prevent potential risks associated with data exposure.

Why it matters

The Indian government’s hesitation to rapidly adopt external AI models underscores growing concerns over the security and confidentiality of sensitive government data when handled by third-party generative AI services. Past communications indicated risks associated with AI tools on office devices, though a total ban on AI was not implemented. Instead, authorities have advocated careful, risk-assessed usage supported by guidelines issued in late 2025.

CERT-In, India’s national cybersecurity agency, highlighted that advanced AI capabilities could facilitate more agile and sophisticated cyberattacks, reducing the window for detecting and patching vulnerabilities. This raises the stakes for government organisations to adopt stringent cybersecurity practices including multi-factor authentication, timely updates, incident reporting, and vulnerability assessments.

What to watch next

Monitoring developments in shadow AI – the unsupervised and unauthorized use of AI tools by government employees – will remain critical. Greater oversight mechanisms, staff training, and technology audits may be introduced to prevent the leakage of confidential information and ensure compliance with cybersecurity standards.

Source assisted: This briefing began from a discovered source item from MediaNama. Open the original source.
How SignalDesk reports: feeds and outside sources are used for discovery. Public briefings are edited to add context, buyer relevance and attribution before they are published. Read the standards

Related briefings