Digital transformation is becoming a new source of risk for economic growth and even national sovereignty in BRICS countries. Cybersecurity itself is likely to become one of the key topics of discussion at the summit in India in 2026, TV BRICS reported.
Cyberattacks – the trend of the season
In 2025, the trend towards the effective use of neural networks by hackers became even more evident. Artificial intelligence automates infrastructure analysis, phishing, vulnerability detection and helps scale attacks. At the same time, such attacks increasingly target not only private individuals.
“It is clear that for BRICS, digital transformation has become both a driver of development and a source of new risks, including systemic ones. Some of these risks are global in nature,” said Nina Shevchuk, an expert in international security, Candidate of Political Sciences and Associate Professor of the Department of International Relations at RANEPA St. Petersburg, in an exclusive interview with TV BRICS.
The most tangible threats for countries are attacks on critical infrastructure – businesses and enterprises in the energy, transport and financial sectors. For example, Nina Shevchuk notes that in Brazil fraudsters actively replicate e-commerce platforms; in Russia they impersonate public officials; and in South Africa they create investment traps. At first glance, these incidents appear unrelated. However, there is a common factor.
“We are dealing with global IT crime and IT fraud, where attacks originate from different countries and are carried out through fragmented yet professional groups and channels. These actors may not be united in the classical sense, but they are linked by a common logic and goal – extracting profit through digital technologies and users’ trust. As a result, the risks of data compromise and the leakage of critical information increase manifold, and cybersecurity issues go beyond individual markets or states,” commented Semyon Tenyaev, an expert in information technology and business and founder of a major Russian business network for expert content.
As a result, BRICS countries are facing a threat of a global nature. Coordinated protective measures are therefore required, experts say.
“The group’s countries understand that modern cyberthreats cannot be tackled alone. Regular joint exercises will help improve coordination and enhance operational readiness to repel cross-border cyberattacks. Developing a common monitoring system would make it possible to identify potential threats in a timely manner and take the necessary preventive measures. Such a system should include mechanisms for rapid information exchange and coordinated decision-making,” said Igor Bederov, an expert in security and analytics, in an exclusive interview with TV BRICS.
At the same time, experts consider the creation of a unified BRICS security system to be one of the most complex issues today. Before establishing it, countries need to develop effective domestic protection mechanisms at the legislative and technical levels. However, bringing diverse measures and approaches to information security to a common denominator will not be easy.
Experts note that BRICS countries currently have a highly uneven technological base. In the absence of domestic developments and equivalents, any integration or even modernisation becomes a risk factor. A second challenge is the disparity in institutional development, technological capacity and, importantly, workforce training among BRICS countries.
“It must be acknowledged that international cooperation in cybersecurity is still far from effective. This is largely due to the heterogeneity of regulatory approaches among member states. On the one hand, this creates challenges for the development of common standards; on the other, it underscores the need to pool efforts and exchange experience,” Nina Shevchuk believes.
BRICS leaders in information security
Experts identify Brazil, India and China as the leaders in information security within BRICS. According to analysts, their success is linked to a comprehensive approach combining legal, organisational and technical components.
“In these countries, a strong ecosystem of vendors, integrators and MSSP providers has emerged. All three have developed comprehensive laws and regulations governing information security. Brazil and India are actively developing national and international educational programmes to train cybersecurity specialists. Authorities are investing heavily in the protection of critical information infrastructure (CII), establishing national SOCs (security operations centres) and promoting public-private partnerships. Finally, their large domestic IT markets independently stimulate the development of home-grown technologies,” Igor Bederov said.
Incident response centres play an important role in this system. “Brazil, India and China have the largest number of information security incident response centres (CIRTs), integrated into national cybersecurity projects. These centres adhere to unified industry standards and closely interact with one another,” noted Mikhail Khachaturyan, Associate Professor of the Department of Strategic and Innovative Development at the Financial University under the Government of Russia, in an interview with TV BRICS.
Speaking about the legal component, he emphasised that legislative regulation is well developed in all three countries. In Brazil, China and India, data protection and the safeguarding of critical information infrastructure are enshrined in law. This provides a solid legal basis for combating cyberthreats effectively. In addition, there are educational and professional development programmes in IT and information security. Courses, seminars and training sessions are conducted to enhance digital literacy among the population. Experts also stress the importance of the advanced technical capabilities possessed by BRICS leaders in cybersecurity.
“India, Brazil and China are implementing modern solutions such as SIEM systems, XDR and NTA, which enhance protection efficiency and speed up threat response. Bug bounty programmes are also used to identify vulnerabilities,” Mikhail Khachaturyan added.
Thus, experts conclude, the leadership of Brazil, India and China in information security stems from a combination of legislative measures, infrastructure development, educational programmes and the adoption of innovative technologies. This comprehensive approach enables them to counter growing cyberthreats effectively and strengthen digital security at both national and global levels.
In Russia, since 2025, government authorities have been prohibited from using foreign software at critical information infrastructure facilities. Plans also include introducing turnover-based fines for personal data breaches and requiring companies to maintain financial reserves to compensate moral damages. In terms of technology, solutions for protecting information systems and website classification models for detecting phishing resources are being actively developed.
In South Africa, cybersecurity is regulated by the Department of Communications and Digital Technologies ( DCDT). The Protection of Personal Information Act ( POPIA), which fully entered into force in 2021, is in effect.
In Indonesia, information protection issues are overseen by the National Cyber and Crypto Agency (BSSN), which reports directly to the president. The agency is also responsible for specialist training and technology development. In October 2022, Indonesia’s Personal Data Protection Law came into force.
In the UAE, protection coordinated by the National Electronic Security Authority (NESA) focuses on critical infrastructure such as finance and energy. The federal cybercrime law provisions strict fines and even imprisonment for violations. Artificial intelligence and machine learning are actively deployed for threat detection, alongside blockchain and cryptocurrency security measures.
In 2024, Ethiopia became one of the leaders in terms of detected malware cases. The main threats were phishing, ransomware and data breaches. Among the key information security challenges, experts cited the absence of unified national cybersecurity standards and insufficient technical capacity. Under the “Digital Ethiopia 2025” programme, the country drew on international experience to enhance cybersecurity, expanded telecommunications infrastructure, introduced a digital ID system, established a national cloud platform and a digital forensic laboratory for law enforcement, and strengthened cyberthreat monitoring. According to ENA, a TV BRICS partner, a new “Digital Ethiopia 2030” strategy was unveiled at the end of 2025, identifying cybersecurity as a strategic priority. The document provides for the development of resilient critical digital infrastructure, the creation of a cyber incident response centre, the strengthening of the national cloud system and the establishment of an independent data governance authority.
Egypt approved a national strategy for 2023–2027, which includes strengthening legal measures, protecting critical infrastructure and supporting research in cybersecurity. The country also has a law on combating cybercrime, providing penalties for unauthorised access and breaches of data confidentiality. In 2024, Egypt recorded large-scale DDoS attacks on telecommunications operators and phishing campaigns targeting organisations.
Cooperation in cybersecurity
In January 2026, a major Russian financial conglomerate proposed the creation of a BRICS Cybersecurity Alliance, placing the mandate on the agenda of the 2026 summit in India. The authors of the initiative argue that the countries of the “ten” should consolidate their efforts as soon as possible.
Discussions and prerequisites for establishing a common BRICS cybersecurity system have existed for quite some time. Countries are working on developing common standards and strengthening coordination, seeking to establish information-sharing mechanisms, build a new foundation and reduce the digital divide. This may be achieved through joint exercises and the creation of new educational programmes to train specialists.
“The most promising avenue appears to be pooling efforts and investment in education to strengthen cybersecurity. Plans include expanding academic cooperation through joint training programmes and the exchange of best practices. India, which assumed the chairmanship in 2026, has already identified the digital divide and artificial intelligence as priorities,” Nina Shevchuk said.
As for the unification of legal aspects of cybersecurity, steps are also being taken in this direction. Russia, China and Iran advocate the swift creation of legally binding rules. However, other members of the group call for a gradual approach, Mikhail Khachaturyan noted in an interview with TV BRICS.
BRICS countries also pay particular attention to regulating neural networks, which are increasingly becoming tools in the hands of fraudsters.
Despite the large number of joint initiatives, established communication channels and the urgency of the cybersecurity challenge, there remain disagreements and obstacles that have yet to be resolved.
“Among the potential barriers are differences in approaches to the regulation of information and communication technologies (ICTs). For example, some countries support a multilateral (state-centric) approach, while others favour a multi-stakeholder model that includes non-state actors,” Mikhail Khachaturyan believes.
Nevertheless, experts assess that BRICS has significant potential to become a platform for developing common positions on cybersecurity issues in dialogue with countries of the global majority. In the longer term, this would strengthen not only the group’s influence but also that of the entire Global South in negotiations on international information security. If coordination continues to deepen in 2026, as experts expect, common standards may soon be developed and the foundations of a unified BRICS cybersecurity strategy laid.
Follow the latest news on Google News
