“Cyberattacks are not remoted incidents —they rank among the many prime 5 international dangers by probability over the subsequent decade. The monetary markets, with their high-value transactions and interconnected methods should, due to this fact, be fortified with even better vigilance and preparedness,” Pandey mentioned.

“Exchanges, clearing companies, depositories should not simply “market utilities” —they’re infrastructure of nationwide significance. Their easy functioning ensures capital formation, investor confidence, and financial resilience,” Pandey mentioned at Nationwide Institute of Securities Markets throughout a cybersecurity coaching programme.

“They function in a dynamic technological surroundings the place the risk panorama evolves each day. In this fast-evolving panorama, staying forward of the curve is not a alternative, it’s a survival crucial.The Financial institution for Worldwide Settlements warns that reactive measures, whereas obligatory after an occasion, “can not by themselves protect stability if defences are weak,” Pandey mentioned.

“A cyber incident at a monetary establishment can threaten the stability of the complete ecosystem. A disruption in a single alternate’s order administration system, or at a clearing company, may unfold uncertainty and panic far past that single entity. That’s the character of systemic threat —it doesn’t keep contained,” Sebi chief mentioned.

“Not all cyber incidents make headlines for large monetary losses —generally their impression lies within the blow to belief. In monetary markets, notion may be as damaging as actuality,” he mentioned citing some incidents from US market.

As per IMF report, nearly one-fifth of the reported cyber incidents in the previous 20 years have affected the monetary sector. The variety of cyberattacks has nearly doubled because the COVID-19 pandemic.

As per CERT-In annual report 2024, there have been greater than 20 lakh safety incidents in 12 months 2024.

“A small glitch in a buying and selling algorithm can set off market disruptions in milliseconds.A misconfigured server can open doorways to malicious actors.A compromised account can result in knowledge leaks with extreme reputational and monetary injury. Generally, the largest market shocks could not come from a hacker’s keyboard however from inside our personal methods. Inside errors, ignored processes, or rushed deployments may be simply as harmful as an exterior assault,” Sebi chief mentioned.

“Steady monitoring, incident response rehearsals, and constructing forensic readiness earlier than incidents occur, are important. Proactive measures cut back each the likelihood and the impression of incidents. Reactive measures merely restrict injury after belief has already been dented,” Sebi chief mentioned.