Overview
- SEBI’s circular, issued Tuesday, directs every broker, fund, exchange and intermediary to lock down systems against AI‑driven bug hunting tools such as Anthropic’s Mythos.
- The regulator formed a new industry task force called cyber-suraksha.ai to coordinate threat intelligence, review third‑party vendors, and standardize how firms respond to AI‑accelerated attacks.
- Required steps include urgent patching or virtual patching, continuous AI‑assisted vulnerability testing, tighter API inventories and authentication, system hardening with zero‑trust rules, and fast‑track onboarding to the exchanges’ Market SOC for real‑time monitoring.
- Mythos is a restricted AI model that has surfaced thousands of previously unknown software flaws and can craft working exploits, and Anthropic’s CEO warned there is only a narrow window to fix issues before attackers copy these capabilities.
- India’s push comes as US, Singapore, Australia and Hong Kong brief their financial sectors, yet access limits to Mythos and weak links in vendor ecosystems leave a defense gap that regulators now aim to close.