Markets regulator warned on Tuesday that advanced artificial intelligence tools capable of identifying software vulnerabilities could amplify cybersecurity threats across the financial system, and urged regulated entities to tighten defences and coordination.
In a circular, the Securities and Exchange Board of India (Sebi) said the fast-paced evolution of AI-driven vulnerability discovery tools could enable exploitation at scale, while also posing risks to data confidentiality, application integrity and the reliability of automated outputs.
The regulator flagged the interconnected nature of the securities market, noting that weaknesses at a single participant could trigger cascading disruptions across exchanges, intermediaries and service providers. That dynamic, it said, makes continuous monitoring, information sharing and collective risk management essential.
To address the risks, Sebi said it has formed a task force, Cyber Suraksha AI, bringing together market infrastructure institutions, registrars and transfer agents, and other stakeholders. The group will assess AI-related cyber risks, recommend mitigation measures, facilitate threat intelligence sharing and review the cyber posture of third-party vendors.
Sebi also issued an advisory setting out immediate and medium-term steps, including rapid system patching, regular vulnerability assessments, stronger application programming interface security and enhanced monitoring through security operations centres. Entities have been asked to accelerate onboarding to the Market-SOC framework run by exchanges, conduct continuous risk assessments that include AI-driven scenarios, and adopt practices such as zero-trust architecture and system hardening.
Regulated firms were further directed to work closely with vendors to ensure timely updates and to develop longer-term strategies for using AI in both detecting and mitigating cyber threats, the regulator said. |
