SEBI is pushing for faster onboarding to Market Security Operations Centres (M-SOC) for real-time threat monitoring and is asking institutions to prepare long-term plans for using AI in cyber threat detection and mitigation.

A long-term AI defense strategy is required to enable AI-driven detection and autonomous, agent-like threat mitigation, including an AI-augmented SOC transformation.

SEBI urges a proactive posture to curb AI-speed cyber threats before they escalate into widespread incidents.

Institutions must maintain up-to-date software inventories by periodically generating SBOMs for all critical applications, including open-source components.

The circular warns that AI-driven vulnerability detection tools like Claude Mythos can raise cybersecurity risks by enabling rapid vulnerability identification and exploitation, affecting data confidentiality, application integrity, and output reliability.

These AI tools introduce new risk dimensions for Regulated Entities, including the possibility of rapid vulnerability discovery and exploitation.

The move comes amid concerns that tools such as Claude Mythos can quickly identify and exploit weaknesses, raising data confidentiality, application integrity, and reliability concerns for Regulated Entities.

Change management must be thorough, with full documentation, impact analysis, testing, and secure deployment for every system change, even minor ones.

API security requirements include updating inventories, enforcing strong least-privilege authentication, rate limiting, and whitelist-based connections.

Systems should be hardened through secure configurations, disabling unnecessary services and accounts, and adopting Zero Trust Network Architecture (ZTNA).

The circular mandates immediate patching of all systems, use of virtual patches where fixes are unavailable, and continuous AI-based vulnerability assessments aligned with SEBI’s Cyber Security and Cyber Resilience Framework.

Given the market’s interconnected nature, SEBI calls for coordinated, periodic vulnerability management, information sharing, and monitoring to prevent cascading systemic impacts from cyber incidents.