Markets regulator SEBI has shortlisted 15 entities, including Tata Communications, Wipro and Tech Mahindra for two separate services — identify and classify security holes in IT infrastructure, as well as protect against security threats.
To provide these services, SEBI in September had issued separate notices, inviting expression of interest (EoI) from the interested parties.
The service is related to identify and classify security holes in its entire information technology infrastructure and suggest measures to mitigate such risks.
The second service pertains to set up a ‘network and security operation centre’, which will enable it to detect and protect against security threats, including from ransomware.
Now, SEBI has shortlisted seven bidders — Wipro, Ernst & Young LLP, Pricewaterhouse, Sumeru Software Solutions, Digital Age Strategies, AAA Technologies, Auditime Information Systems (India) Ltd — to identify and classify security holes in its entire information technology infrastructure and suggest measures to mitigate such risks.
Besides, Tata Communications, Wipro, Tech Mahindra, IBM India, Sify Technologies, Pricewaterhouse, Dimension Data India Pvt Ltd and Netmagic Solutions are among the eight companies that have been shortlisted to set-up a ‘network and security operation centre’
IT infrastructure
With regard to information technology infrastructure, the Securities and Exchange Board of India said that selected bidder will be responsible for carrying out an assessment of threat and vulnerabilities and assess the risks in its IT infrastructure.
This will include identifying existing threats and suggest remedial solutions and recommendations on the same to mitigate all identified risks and enhance the security of information systems.
Information system infrastructure includes networking systems, security devices, servers and databases. Besides, the agency will be responsible for carrying out enterprise-wide system audit focussed on configuration, security aspects, risk assessment, deployment, administration, access control, back up and business continuity.
The audit will also cover review of standard operating procedures, automation and monitoring of all IT assets.
With respect to ‘network and security operation centre’, SEBI said that selected company will be responsible for all the activities related to information security, including anti-phishing, anti-malware, anti-trojan, anti-ransom and implementation of security solutions such as content filter and virtual browsing solutions at the regulator.
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.