Mumbai is India financial capital, home to the Reserve Bank of India, BSE and NSE, major commercial banks, and the country largest financial services sector. Mumbai-based organisations face rigorous cybersecurity requirements from the RBI Cybersecurity Framework, SEBI Cybersecurity and Cyber Resilience Framework, IRDAI guidelines, and international customer demands.
Mumbai Financial Sector Cybersecurity Compliance
- RBI Cybersecurity Framework — Mandatory for all scheduled commercial banks and NBFCs
- SEBI CSCRF — Cybersecurity and Cyber Resilience Framework for market infrastructure and intermediaries
- IRDAI Cybersecurity Guidelines — For insurance companies and brokers
- DPDP Act — Digital Personal Data Protection Act compliance for financial data processors
- ISO 27001 — International certification complementing RBI and SEBI requirements
Frequently Asked Questions
Does the RBI Cybersecurity Framework require penetration testing?
Yes. The RBI Cybersecurity Framework mandates regular vulnerability assessments and penetration testing for all scheduled commercial banks in India. The frequency and scope requirements vary by bank size and risk classification. eShield delivers RBI-compliant VAPT reports in the format accepted by RBI supervisors.
