Brands
YS TV
Discover
Events
Newsletter
More

Follow Us

twitterfacebookinstagramyoutube
Yourstory

Resources

Stories

General

In-Depth

Announcement

Reports

News

Funding

Startup Sectors

Women in tech

Sportstech

Agritech

E-Commerce

Education

Lifestyle

Entertainment

Art & Culture

Travel & Leisure

Curtain Raiser

Wine and Food

Videos

Sebi takes guard against security threats, plans to hire agency

To provide the service to the regulator's information technology infrastructure, the Securities an Exchange Board of India has issued a notice inviting expression of interest (EoI) from interested parties

Sebi takes guard against security threats, plans to hire agency

Monday September 30, 2019 , 3 min Read

Markets regulator Sebi plans to rope in an agency to identify and classify security holes in its entire information technology infrastructure and suggest measures to mitigate such risks.

 

Over the past few years, the regulator has been betting big on technology to address and handle challenges arising out of technological advancements in the markets.

 

To provide the service to the regulator's information technology infrastructure, the Securities an Exchange Board of India (Sebi) has issued a notice inviting expression of interest (EoI) from interested parties.


Security


 

Information system infrastructure includes networking systems, security devices, servers, and databases.

 

Sebi said the selected bidder would be responsible for carrying out an assessment of threat and vulnerabilities in the regulator's information technology infrastructure. This will include identifying existing threats if any and suggest remedial solutions and recommendations to mitigate all identified risks, with the objective of enhancing the security of information systems, the regulator noted.

 

The markets watchdog said the selected agency will "perform Vulnerability Assessment and Penetration Testing (VAPT) to identify vulnerabilities, misconfiguration and other issues that could be leveraged by an external or internal entity (or user) to impact the confidentiality, integrity and availability of Sebi systems or exploit it for personal gains, either from internet or from Sebi's internal network".


Spelling out the eligibility criteria, the regulator said the applicant needs to have a registered office in India and should have been in operation for at least three years. Besides, the applicant should not be in the business of selling IT security products.


Among other terms, the bidder should not be a black-listed firm "due to unsatisfactory performance, breach of general or specific instructions, corrupt or fraudulent or any other unethical business practices".


Interested agencies can submit their application till October 22.


The move also comes at a time when several malware attacks have come to light globally, including in India.


Sebi, which has been focussing on technology to address market challenges, in May invited bids to provide a data solution that can handle vast amount of data from multiple sources.


Besides, the regulator, in its annual report for 2018-19, said that it intends to deploy data analytics and new generation technologies to deal with various challenges in the market.


"Sebi would encourage adoption and usage of financial technology to further develop and maintain an efficient, fair and transparent securities market ecosystem which also promotes innovation in the securities market," Sebi Chairman Ajay Tyagi said in his statement in the annual report.


As per the report, the regulator would continue to strengthen market supervision through steps such as technology solutions being built to achieve the objective of identifying non-compliance and assisting in investigations.


(Edited by Megha Reddy)