AI-driven cybersecurity threats biggest risk to market integrity: SEBI chief
Mumbai, May 18
Securities and Exchange Board of India chairman Tuhin Kanta Pandey has described artificial intelligence-driven cybersecurity threats as one of the most significant risks facing India's financial markets, calling for aggressive measures to strengthen the protection of software systems used across the market ecosystem.
Speaking during an interaction with NDTV Profit, the chairman said concerns around AI tools are currently centred more on cybersecurity vulnerabilities than on risks related to market manipulation or algorithmic trading.
Pandey said financial markets are heavily dependent on software systems and any weakness in cybersecurity infrastructure can seriously threaten market integrity if exploited successfully.
"Most of the recent concerns around AI tools are related to cybersecurity. As you know, markets rely heavily on software systems, and if cybersecurity is threatened or vulnerabilities are found in the software, there is a risk of attacks. If such attacks are successful, they can pose a serious threat to market integrity," he said.
He stressed the need for proactive safeguards across all software deployed in the financial markets, including systems provided by third-party vendors.
"Regulators and market participants must ensure strong protection mechanisms, aggressive patch management and continuous vulnerability assessments," he explained.
"Therefore, we have to proactively ensure that all the software we deploy, including those provided by third-party vendors, is well protected. There has to be aggressive patch management and extensive use of conventional tools to identify vulnerabilities, so that any weaknesses are immediately patched," Pandey added.
His remarks come amid rising global and domestic concerns over the rapid advancement of AI systems capable of exploiting software vulnerabilities.
Regulatory attention has recently intensified around Anthropic's Mythos AI model, which has reportedly demonstrated the capability to autonomously identify and exploit vulnerabilities in major operating systems and internet browsers.
Earlier, Union Finance Minister Nirmala Sitharaman had also raised concerns regarding the potential risks associated with Mythos.
— IANS
Reader Comments
But bhai, will the smaller brokerages and fintech startups afford aggressive cybersecurity measures? Many are already struggling with compliance costs. Hope SEBI doesn't just issue diktats without providing some guidance or support for smaller players.
As someone who's worked in cybersecurity abroad, I can say India is doing better than most. But AI-driven threats evolve faster than compliance frameworks. The mention of anthropic's mythos model is worrying—if that thing can autonomously exploit OS vulnerabilities, no market is safe.
Honestly, the real threat is not just external hackers but zero-day vulnerabilities in third-party vendor software. Our market system uses many imported components. Need stronger VAPT (Vulnerability Assessment and Penetration Testing) regimes. SEBI should mandate quarterly testing, not just annual. Arre yaar, wake up call for all.
👏 Glad SEBI is taking proactive stance. But I hope they also focus on data privacy of retail investors. Many apps collect excessive data under guise of cybersecurity. Balancing protection with privacy is crucial. As a retail investor, I worry about both.
Good that SEBI chairman is talking about this. But I wish he'd also address algo trading risks—many retail investors are getting wiped out by high-frequency trading bots. Cyber threats are important, but market manipulation through AI-driven algos is a closer and more relevant danger for the common man. Just saying.
We welcome thoughtful discussions from our readers. Please keep comments respectful and on-topic.