The Print/ANI: SEBI names Claude Mythos in formal circular, orders all Indian securities market entities to immediately overhaul cyber defences and forms cyber-suraksha.ai task force
India's Securities and Exchange Board of India (SEBI) issued a formal circular on May 5 explicitly naming Claude Mythos as a cybersecurity threat and ordering every regulated entity — including stock exchanges, depositories, brokerages, and mutual funds — to immediately overhaul their cybersecurity infrastructure. The circular requires entities to update operating systems and applications with the latest patches, conduct regular vulnerability assessments, strengthen API security controls, and consult IT committees on managing AI-led vulnerability risks. SEBI also constituted a dedicated task force named cyber-suraksha.ai, comprising representatives from market infrastructure institutions, qualified registrars and transfer agents, to examine AI-driven cybersecurity risks and strengthen cyber resilience across the securities market ecosystem. The task force is additionally mandated to share threat intelligence, report cyber-incidents on a priority basis, and review the cybersecurity posture of third-party application service providers.
SEBI is the first Indian financial regulator to issue a formal named circular explicitly ordering mandatory remediation action across India's entire securities market — the world's fourth-largest equity market by capitalization — while Indian institutions have no public Mythos access to use the model defensively.