Home > News > Navigating the New Cyber Security Framework in GIFT IFSC

Navigating the New Cyber Security Framework in GIFT IFSC

Written By

Treelife

Published on

March 12,
2025

Last updated on

March 12, 2025
14:17

Link copied to clipboard!

https://treelife.in/news/navigating-the-new-cyber-security-framework-in-gift-ifsc/

We take care of your Legal, Finance & Compliance needs!

Let's Talk

Content Overview

We take care of your Legal, Finance & Compliance needs!

Let's Talk

Blog Content Overview

1 Key Implications
2 Important Due Dates
3 Entities exempt from this guideline

Cyber threats are evolving, and for entities operating in GIFT IFSC, staying ahead is not just strategic, rather it’s essential. As GIFT IFSC grows into a global financial powerhouse, the complexity of cyber risks also intensifies. Recognizing this, the International Financial Services Centres Authority (IFSCA) has introduced the “𝐺𝑢𝑖𝑑𝑒𝑙𝑖𝑛𝑒𝑠 𝑜𝑛 𝐶𝑦𝑏𝑒𝑟 𝑆𝑒𝑐𝑢𝑟𝑖𝑡𝑦 𝑎𝑛𝑑 𝐶𝑦𝑏𝑒𝑟 𝑅𝑒𝑠𝑖𝑙𝑖𝑒𝑛𝑐𝑒” aimed at safeguarding data, operations, and reputations.

Key Implications

Every entity registered with IFSCA (Regulated Entities / REs) must appoint a Designated Officer (like a CISO) to lead cyber risk management.
Entities need to develop and regularly update a Cyber Security and Cyber-Resilience Framework tailored to their operations.
Annual audits are now mandatory
Cyber incidents to be reported within 6 hours, followed by a root cause analysis within 30 days.

Important Due Dates

The framework comes into effect April 1, 2025.
Annual audits to be completed and reported within 90 days of the financial year-end.

Entities exempt from this guideline

Certain entities, such as units with less than 10 employees, branches of regulated entities, and foreign universities, enjoy a 3-year exemption subject to specific conditions as under:

REs shall adopt the Cyber Security and Cyber Resilience framework and IS Policy of its parent entity.
The CISO of the parent entity shall act as the Designated Officer for the REs in IFSC.
The parent entity of REs, in India or overseas, shall be regulated by a financial sector regulator in its home jurisdiction.

If you’re navigating these new regulations or setting up operations in GIFT IFSC, it’s crucial to align strategies early. Have questions or need guidance? Let’s connect at dhairya.c@treelife.in for a discussion.

About the Author

Treelife

Treelife Team | support@treelife.in

We are a legal and finance firm with a deep focus on the startup ecosystem. We offer a wide range of services, including Virtual CFO, Legal Support, Tax & Regulatory, and Global Expansion assistance.

Our goal at Treelife is to provide you with peace of mind and ease in business.