Notification

  • Image

    Webinar | Angel Investing in India: Mistakes First-Time Investors Avoid

    Book your seat

Navigating the New Cyber Security Framework in GIFT IFSC

Get in touch with us

    Your information is confidential and secure


    Get in touch with us

      Your information is confidential and secure


      Cyber threats are evolving, and for entities operating in GIFT IFSC, staying ahead is not just strategic, rather it’s essential. As GIFT IFSC grows into a global financial powerhouse, the complexity of cyber risks also intensifies. Recognizing this, the International Financial Services Centres Authority (IFSCA) has introduced the “𝐺𝑢𝑖𝑑𝑒𝑙𝑖𝑛𝑒𝑠 𝑜𝑛 𝐶𝑦𝑏𝑒𝑟 𝑆𝑒𝑐𝑢𝑟𝑖𝑡𝑦 𝑎𝑛𝑑 𝐶𝑦𝑏𝑒𝑟 𝑅𝑒𝑠𝑖𝑙𝑖𝑒𝑛𝑐𝑒” aimed at safeguarding data, operations, and reputations.

      Key Implications

      • Every entity  registered with IFSCA (Regulated Entities / REs) must appoint a Designated Officer (like a CISO) to lead cyber risk management.
      • Entities need to develop and regularly update a Cyber Security and Cyber-Resilience Framework tailored to their operations.
      • Annual audits are now mandatory
      • Cyber incidents to be reported within 6 hours, followed by a root cause analysis within 30 days.

      Important Due Dates

      • The framework comes into effect April 1, 2025.
      • Annual audits to be completed and reported within 90 days of the financial year-end.

      Entities exempt from this guideline

      Certain entities, such as units with less than 10 employees, branches of regulated entities, and foreign universities, enjoy a 3-year exemption subject to specific conditions as under:

      • REs shall adopt the Cyber Security and Cyber Resilience framework and IS Policy of its parent entity.
      • The CISO of the parent entity shall act as the Designated Officer for the REs in IFSC.
      • The parent entity of REs, in India or overseas, shall be regulated by a financial sector regulator in its home jurisdiction.

      If you’re navigating these new regulations or setting up operations in GIFT IFSC, it’s crucial to align strategies early. Have questions or need guidance? Let’s connect at dhairya.c@treelife.in for a discussion.

      About the Author
      Treelife
      Treelife social-linkedin
      Treelife Team | support@treelife.in

      We are a legal and finance firm with a deep focus on the startup ecosystem. We offer a wide range of services, including Virtual CFO, Legal Support, Tax & Regulatory, and Global Expansion assistance.

      Our goal at Treelife is to provide you with peace of mind and ease in business.

      We Are Problem Solvers. And Take Accountability.

      Related Posts

      Data Fiduciary vs Data Processor: Redrafting Your B2B Vendor DPAs Under the DPDP Act 2023
      Data Fiduciary vs Data Processor: Redrafting Your B2B Vendor DPAs Under the DPDP Act 2023

      Most Indian B2B contracts signed before 2024 were not written with the Digital Personal Data Protection Act, 2023 in mind....

      Learn MoreLearn More
      Who Owns the Prompt? Modifying Employee IP Assignment Clauses for the GenAI Era
      Who Owns the Prompt? Modifying Employee IP Assignment Clauses for the GenAI Era

      Most Indian employment agreements assign to the employer everything an employee creates, develops, or invents during employment. That clause was...

      Learn MoreLearn More
      The AI Indemnity Trap: Negotiating Liability When Third-Party Algorithms Hallucinate
      The AI Indemnity Trap: Negotiating Liability When Third-Party Algorithms Hallucinate

      Every founder who has embedded a third-party AI model into their product has read an indemnity clause that sounds reassuring....

      Learn MoreLearn More

      For Customer Support

      Mumbai | Delhi |
      Bangalore | GIFT City

      Speak to Us!

      We respond within 60 minutes.

        Your information is confidential and secure


        Let's talk.

        We've seen most founder problems before. Tell us yours.






          Typically responds within 4 hours
          Or reach out directly