🏦 Industry

Banking, Financial Services & Insurance

SEBI CSCRF, RBI IT Framework, PCI-DSS, IRDAI compliance — and the cybersecurity hygiene that audits actually demand.

What We Cover

6 concerns we hear most often

01. Annual VAPT obligation: CERT-In empanelled auditor required, certificate must be filed with SEBI/RBI
02. Core banking exposure: Network segmentation around CBS, privileged access controls, jumphost hygiene
03. Cardholder data scope: PCI-DSS scope mapping and reduction via segmentation
04. Data localisation: Customer and payment data must reside on infrastructure physically located in India
05. Cyber insurance: SEBI mandates minimum coverage, RBI expects it for upper-layer NBFCs
06. Incident response: Documented IRP, tested at least annually, CERT-In 6-hour breach notification process

Who this is for

Stock brokers, depository participants, scheduled banks, NBFCs (all layers), payment aggregators, gateways, and insurance companies regulated by SEBI / RBI / IRDAI.

Compliance frameworks
SEBI CSCRF 2023, RBI IT Framework 2023, PCI-DSS v4.0, IRDAI Cybersecurity Guidelines, SWIFT CSP, DPDP Act 2023

Recommended Assessments

Start with the verticals that matter most for BFSI

SEBI Compliance, Finance & NBFC, Website VAPT, Network Segmentation, Active Directory, Backup & DR

Ready to find your gaps?

Run a free AI assessment in under 10 minutes. Our team reviews and contacts you within 24 hours with a prioritised gap report.
