The Securities and Exchange Board of India (SEBI) has announced the formation of a dedicated cybersecurity task force to tackle risks posed by advanced AI tools like Anthropic’s Mythos, focusing on protecting market infrastructure and regulated entities from emerging cyber threats.
- SEBI forms cyber-suraksha.ai task force to mitigate AI cybersecurity risks.
- Task force to standardize vulnerability management and threat intelligence sharing.
- Advisory mandates prompt patching, AI vulnerability audits, and secure system updates.
What happened
The Securities and Exchange Board of India (SEBI) announced the creation of a new cybersecurity task force named cyber-suraksha.ai in response to escalating concerns about the capabilities of AI models, specifically Anthropic’s Mythos. This task force is charged with developing uniform strategies to mitigate cybersecurity risks introduced by such sophisticated AI tools, which can detect and exploit software vulnerabilities across major platforms and networks.
SEBI’s task force includes stakeholders from various market infrastructure institutions (MIIs), qualified registrars and transfer agents (QRTAs), and regulated entities, ensuring broad representation. The group convened its inaugural meeting recently to discuss mitigation measures around Mythos and has since issued an advisory instructing SEBI-regulated entities to undertake immediate system patching, vulnerability assessments using AI, cybersecurity audits, and stringent controls over third-party vendors.
Why it matters
Anthropic’s Mythos AI model represents a new class of tools capable of identifying complex software flaws, some undetected for decades, which poses significant cybersecurity risks to critical infrastructure such as banking systems, power grids, telecom, and defense. By enabling exploitation of these vulnerabilities, AI-driven attacks could lead to severe disruptions impacting financial market stability and national security.
SEBI’s proactive measures highlight an emerging regulatory recognition of the dual-use nature of advanced AI technologies—while these tools can bolster cybersecurity defenses, they also elevate exposure if misused. Establishing a coordinated framework to share threat intelligence and enforce rigorous vulnerability management aims to reduce the likelihood of attacks leveraging AI capabilities, signaling a shift toward more adaptive cybersecurity governance in India’s financial sector.
What to watch next
Market participants should monitor SEBI’s implementation of the cyber-suraksha.ai advisory, particularly adherence to requirements for system updates, AI-enabled vulnerability assessments, and documentation protocols accompanying any system changes. The rollout of centralized platforms like market SOC (M-SOC) by NSE and BSE for consolidated threat monitoring will be crucial in measuring the task force’s effectiveness.
Additionally, ongoing dialogues between the Indian government, Anthropic, and international partners on controlled access to Mythos for Indian firms will be important to track. This could influence how Indian financial institutions leverage AI defensively while managing associated risks. The evolving regulatory focus on long-term AI adoption plans for threat detection and mitigation will also warrant close attention in shaping India’s cybersecurity landscape.