The year 2017 has been a landmark year for BSE (Bombay Stock Exchange) from an information security perspective, marking a massive shift in its security strategy. The exchange has undertaken an overhaul of its entire security infrastructure across the organization. This includes revamping its cybersecurity policies and frameworks and replacing its existing technology solutions with 27 niche information security technologies. As part of the exercise, BSE has also set up a fully integrated next-generation Security Operations Center (SOC).

As one of the critical infrastructures of national significance, BSE has always been a key target for attacks. This led to the decision to carry out a complete assessment of the exchange’s information security posture, in partnership with EY, to understand its preparedness.

The assessment led to the realization that most of the technologies deployed were very old and becoming obsolete. The exchange was relying on traditional technologies, which were not enough to counter the emerging threats from new-age digital technologies. “With the advent of digitization there is an immediate need to address the associated inherent risks and business enablement and continuity. What was required was a comprehensive and holistic approach to address the threat landscape spanning across all domains of cybersecurity,” says Shivkumar Pandey, CISO, BSE.

With this as the trigger, the exchange decided it was the right time to completely revamp its cybersecurity operations and technologies. It benchmarked itself against ISO 27001 and the SEBI regulations, and on that basis updated its cybersecurity policies and frameworks to cover all the domains of cybersecurity threats, including endpoint security, network, application, data security and mobile security, among others.

From a technology perspective, BSE procured a total of 27 niche information security technologies, including advanced technologies such as deception technology, NTAPT, forensics, user behavior analysis, predictive analysis, cognitive tools, machine learning tools and SIEM. This was a multi-million-dollar deal, with IBM as the SI partner for implementation and products from various security vendors, including Check Point, Radware, Forcepoint and RSA, among others.

The objective, as the exchange went in for this massive exercise, was to protect itself against all threat vectors across all the cybersecurity domains. “We wanted to safeguard ourselves not only in terms of technology, but also in terms of people and processes. That is why we mapped each and every domain against people, process and technology and tried finding out exactly where the gaps were in each of these areas. And then we tried to bridge most of those gaps in one shot through the revamp exercise,” explains Pandey.

Talking about the SOC, Pandey says that the earlier SOC was very limited in its functionality and did not offer the scale required to deal with new-age threats. That led to the need to replace it and build a next-generation SOC around a hybrid model. Today, as part of the SOC, there are around 15 people sitting at the BSE headquarters in Mumbai and around 34 people sitting in the Bangalore SOC, which is hosted by IBM. It operates 24×7, 365 days a year. The SOC became operational in August 2017.

The new SOC is a total shift from the earlier SOC, which was built on a more or less reactive approach. The next-generation SOC has deployed the latest technologies to tackle advanced threats such as zero-day attacks and zero-day vulnerabilities in real time.

“For us, time, accuracy and integrity are very important considering the scale at which we operate. It's absolutely critical to quickly identify and respond to any cybersecurity threats and incidents. The next generation SOC is helping us with that through the use of latest technologies, such as deception technologies like Honeypot, user behavior analysis, network behavior analysis, forensics, cognitive and Machine learning,” explains Pandey.

The SOC also draws on advanced threat intelligence, integrating its SIEM with threat intelligence feeds from IBM, CERT-In, Microsoft and McAfee, among others.

By Shipra Malhotra

Shipra comes with over 15 years of experience in tracking the enterprise technology market and the CIO space. She has the ability to produce very high-impact content in the enterprise technology space as well as on the dynamics shaping the CIO landscape. She has worked with brands like Express Computer, Data Quest and BizTech 2.0 before joining Grey Head Media.

One thought on “BSE India Overhauls the InfoSec Setup; Implements New Tech”
  1. You can use the best of the tools, but everybody forgets the basics. Most of the frauds that happen are not due to external threats (where most of the tools would work), but internal employees who have access to the system. India has not taken a step towards implementation of internal controls, where most of the issues would be resolved.

    To add a joke to the internal audits being performed by CAs (Chartered Accountants) who have no idea on the technology base. Let SEBI do a proper implementation (Clause 49) and then see the difference. Nirav Modi and Satyam are classic examples of the above.
