NewKerala.com

SEBI Forms 'Cyber-Suraksha.ai' Task Force to Tackle AI-Driven Cyber Threats

SEBI has constituted a dedicated task force named 'cyber-suraksha.ai' to examine cybersecurity risks from advanced AI tools. The regulator warns that AI-driven tools like Claude Mythos introduce new dimensions of risks for regulated entities. The task force includes representatives from market infrastructure institutions and will devise a uniform mitigation strategy. SEBI also directed entities to report cyber incidents, update systems, and conduct regular vulnerability assessments.

Key Points: SEBI Sets Up AI Cyber Task Force for Market Security

  • SEBI forms 'cyber-suraksha.ai' task force
  • Addresses AI-driven cybersecurity risks like Claude Mythos
  • Focuses on coordinated vulnerability management
  • Directs entities to report incidents and update systems
3 min read

SEBI sets up 'cyber-suraksha.ai' task force amid rising AI-driven cyber risks

SEBI launches 'cyber-suraksha.ai' task force to combat rising AI-driven cybersecurity risks in India's securities market, focusing on vulnerability management and threat intelligence.

"The rapid evolution of emerging technologies including AI-driven vulnerability identification tools (E.g. Claude Mythos) has introduced new dimensions of risks for Regulated Entities. - SEBI"

New Delhi, May 6

Market regulator Securities and Exchange Board of India has constituted a dedicated task force named "cyber-suraksha.ai" to examine cybersecurity risks arising from advanced Artificial Intelligence tools and strengthen cyber resilience across the securities market ecosystem.

In a circular issued on Tuesday, SEBI said the rapid evolution of AI-driven vulnerability detection tools such as "Claude Mythos" has "introduced new dimensions of risks for Regulated Entities."

"The rapid evolution of emerging technologies including AI-driven vulnerability identification tools (E.g. Claude Mythos) has introduced new dimensions of risks for Regulated Entities," SEBI said in the circular.

The regulator warned that such AI tools could increase cybersecurity risks by enabling "identification and potential exploitation of existing vulnerabilities using speed and scale."

SEBI further said these tools may also create concerns related to "data confidentiality, application integrity and reliability of outputs."

Highlighting the interconnected nature of India's securities market infrastructure, the regulator said a coordinated approach was necessary to avoid wider systemic impact in case of cyber incidents.

"Due to the interconnectedness and interdependency of market participants in the Securities Market Ecosystem, a periodic coordinated approach for vulnerability management, information sharing and monitoring/assessment is required to prevent a cascading impact," the circular said.

According to SEBI, the newly constituted task force "cyber-suraksha.ai" includes representatives from Market Infrastructure Institutions (MIIs), Qualified Registrar and Transfer Agents (QRTAs), regulated entities and other stakeholders.

The regulator said the task force will "closely examine the cybersecurity risks posed by AI based models and devise a uniform mitigation strategy against the risks posed by such models."

SEBI added that the group will also facilitate "sharing of threat intelligence, best practices on vulnerability management, use cases and playbooks to respond to the threat vector."

Further, the regulator directed market entities to report cyber incidents, malicious activities and information on vulnerabilities "on a priority basis" to strengthen the cybersecurity posture of securities markets.

As part of the advisory, SEBI asked regulated entities to immediately update operating systems and applications with the latest security patches to address known vulnerabilities.

The regulator also directed entities to conduct regular vulnerability assessments and security audits, including the use of AI-based tools "where possible."

SEBI further emphasised strengthening API security, implementing stronger monitoring systems and accelerating onboarding to Market Security Operations Centres (M-SOC) established by stock exchanges, the National Stock Exchange of India and BSE, for real-time cyber threat monitoring.

The regulator also asked institutions to prepare long-term plans for the use of AI in cyber threat detection and mitigation.

- ANI

Share this article:

Reader Comments

P
Priya S
Finally, some proactive regulation! With UPI and digital payments booming in India, our financial systems are prime targets for hackers. The mention of AI-based vulnerability tools like 'Claude Mythos' sounds scary – but at least SEBI is acknowledging the risk. Hope the M-SOC setup gets prioritized across all exchanges.
V
Vikram M
I appreciate the intent, but SEBI should also look into AI-based scams targeting retail investors directly – not just institutional risks. My uncle almost fell for a deepfake call pretending to be from a broker. The circular focuses on market infrastructure, but individual account holders need awareness campaigns too. 🤔
J
James A
From a cybersecurity perspective, this is comprehensive. The emphasis on API security and regular vulnerability assessments aligns with global best practices. However, India's fragmented market ecosystem makes coordinated threat intelligence sharing tricky. Would love to see clear timelines for the task force's recommendations.
R
Rohit P
As a small-time investor, this makes me feel a bit safer. But with AI evolving so fast, is SEBI's task force going to have the technical expertise to keep up? They should include ethical hackers and independent researchers, not just bureaucrats and big exchange reps. Otherwise, this might just be a photo-op.
K
Kavya N
👏 Good to see SEBI acknowledging Claude Mythos specifically – that tool has been making waves in cybersecurity circles. But let's be real: many Indian brokers still can't afford robust AI security. The regulator should offer subsidized M-SOC access or shared threat intelligence platforms for smaller entities. Equity demands action, not just advisories.

We welcome thoughtful discussions from our readers. Please keep comments respectful and on-topic.

Leave a Comment

Minimum 50 characters 0/50