Sebi Warns of Cyber Risks Associated with AI, Advocates for Coordinated Market Defense
Securities Regulator Warns of AI-Driven Cyber Vulnerabilities in India's Securities Ecosystem
The Securities and Exchange Board of India (Sebi) has issued a warning about the growing risks of cyber vulnerabilities in the country's securities ecosystem, driven by the rapid evolution of artificial intelligence (AI) tools. In an advisory issued on Tuesday, Sebi emphasized the need for a coordinated approach to vulnerability management, information sharing, and monitoring/assessment to prevent a cascading impact.
A Task Force for Cybersecurity
To address these concerns, Sebi has constituted a task force named cyber-suraksha.ai, comprising market infrastructure institutions and other related stakeholders. The regulator has directed regulated entities to update their operating systems and applications to the latest patches to address known vulnerabilities and consider virtual patching as an interim measure when fixes are unavailable.
Read also: Treasury Yields Experience Largest Increase in Two Weeks Following Release of Labor Market Data
Regular Checks and Enhanced Security Measures
Sebi has mandated regular, continuous vulnerability assessments using both conventional and AI-based tools, along with security audits aligned with its cybersecurity and cyber resilience framework. Market participants will have to engage closely with third-party vendors to ensure timely patch deployment. Exchanges and depositories have been tasked with ensuring vendors assess risks posed by AI-led models and implement safeguards such as patching, vulnerability testing, continuous monitoring, and system hardening.
| Security Measure | Description |
|---|---|
| Patching | Regularly update operating systems and applications to the latest patches |
| Vulnerability Testing | Conduct regular vulnerability assessments using conventional and AI-based tools |
| Continuous Monitoring | Monitor systems for potential threats and vulnerabilities |
| System Hardening | Implement safeguards to prevent unauthorized access to systems |
Enhanced Security Protocols
Read also: US-Iran Tensions Spark Uptick in Oil Prices Amid Global Market Decline
Sebi has also tightened the norms governing system changes, mandating full documentation, impact analysis, and rigorous testing for all such changes. Market participants have been asked to strengthen the security operation centre (SOC) monitoring, including reviewing low-priority alerts and integrating automated response systems. Sebi has also pushed eligible entities to onboard the market-wide SOC platform set up by the National Stock Exchange of India and BSE for real-time threat detection.
Long-Term Plan for AI Usage
Sebi has emphasized the need for regulated entities to prepare a long-term plan for the usage of AI in detection and autonomous/agentic mitigation. The regulator has also suggested other measures, including recalibrating risk assessments for AI-accelerated threats, AI-enabled SOC transformation, and continuous vulnerability management using AI tools.
Investor Takeaway
Investors should be cautious of the potential risks associated with AI-driven vulnerability identification tools.
More in Market
Treasury Yields Experience Largest Increase in Two Weeks Following Release of Labor Market Data
US-Iran Tensions Spark Uptick in Oil Prices Amid Global Market Decline
Indian Stocks to Watch: BHEL, Agarwal Industrial, JBM Auto, Rajesh Exports, Indian Energy Exchange, Lenskart Solutions in Market Focus on June 4.
