The year 2017 has been a landmark year for BSE from an information security perspective, marking a massive shift in its security strategy. The exchange has undertaken an overhaul of its entire security infrastructure across the organization. This includes revamping its cybersecurity policies and frameworks and enhancing its existing technology solutions with 27 niche information security technologies. As part of the exercise, BSE has also set up a fully integrated next-generation Security Operations Center (SOC) that operates 24×7.
As one of the critical infrastructures of national significance, BSE has always been a key target for attacks. This led to the decision to carry out a complete assessment of the exchange’s information security posture, in partnership with EY, to understand its preparedness.
The exchange realized the need to fortify its existing technology stack with new and emerging technologies. It was using all the traditional technologies, which were not enough to counter the emerging threats from new-age digital technologies. “With the advent of digitization there is an immediate need to address the associated inherent risks and business enablement and continuity. What was required was a comprehensive and holistic approach to address the threat landscape spanning across all domains of cybersecurity,” says Shivkumar Pandey, CISO, BSE.
With this as the trigger point, the exchange decided it was the right time to completely revamp its cybersecurity operations and technologies. It benchmarked itself against ISO 27001, the NIST Framework and the SEBI regulations, and on that basis updated its cybersecurity policies and frameworks to cover all the domains of cybersecurity threats, including endpoint security, network, application, data security and mobile security, among others.
From a technology perspective, BSE procured a total of 27 niche information security technologies, including advanced technologies such as deception technology, Anti-APT, Real-time Forensics, User Behavior Analysis (UBA), Cognitive and Machine Learning technology, SIEM, SA etc. This was a multi-million-dollar deal, with IBM as the SI partner and products from leading security OEMs.
The objective, as the exchange went in for this massive exercise, was to protect itself against all threat vectors, across all the cybersecurity domains. “We wanted to safeguard ourselves not only in terms of technology, but also in terms of people and processes. That is why we mapped each and every domain against people, process and technology and tried finding out very exactly where the gaps were in each of these areas. And then we tried to bridge most of those gaps at one go through the revamp exercise,” explains Pandey.
Today, as part of the Next Generation SOC, there is a hybrid team (onsite + remote) at the BSE headquarters in Mumbai and in the remote SOC, which is hosted by IBM. It provides coverage 24×7, 365 days a year. The Next Generation SOC became operational in August 2017.
“For us, time, accuracy and integrity are very important considering the scale at which we operate. It’s absolutely critical to quickly identify and respond to any cybersecurity threats and incidents. The next generation SOC is helping us with that through the use of the latest technologies, such as deception technologies like Honeypot, user behavior analysis, network behavior analysis, forensics, cognitive and Machine learning,” explains Pandey.
The Next Generation SOC also boasts advanced threat intelligence, achieved by integrating its SIEM with threat intelligence feeds from IBM, CERT-In, Microsoft and McAfee, among others.