Modification in Cyber Security and Cyber Resilience framework

Modification in Cyber Security and Cyber Resilience framework

Modification in Cyber Security and Cyber Resilience framework of Stock Exchanges, Clearing Corporations and Depositories

  1. SEBI vide circular nos. SEBI/CIR/MRD/DP/13/2015 dated July 06, 2015 and SEBI/HO/MRD1/MRD1_DTCS/P/CIR/2022/68 dated May 20, 2022 prescribed framework for Cyber Security and Cyber Resilience for stock exchanges, clearing corporations and depositories.
  2. In this regard, clause 3 of SEBI circular dated May 20, 2022, shall now be read as under:

    3. MIIs are mandated to conduct comprehensive cyber audit at least 2 times in a financial year. Along with cyber audit reports, henceforth, MIIs are directed to submit a declaration from the MD/CEO certifying that:
    i.Comprehensive measures and processes including suitable incentive/disincentive structures, have been put in place for identification/detection and closure of vulnerabilities in the organization’s IT systems.
    ii. Adequate resources have been hired for staffing their Security Operations Center (SOC).
    iii. There is compliance by the MII with all SEBI circulars and advisories related to cyber security.
  3. Further, MIIs, whose systems have been identified as Critical Information Infrastructure (CII) by National Critical Information Infrastructure Protection Centre (NCIIPC), are mandated to send regular updates/closure status of the vulnerabilities found in their respective “protected systems” to NCIIPC.
  4. MIIs are required to take necessary steps to put in place systems for implementation of the circular, including necessary amendments to the relevant bye-laws, rules and regulations, if any.
  5. MIIs are directed to communicate the status of the implementation of the provisions of this circular to SEBI within 30 days from the date of this Circular.
  6. The provisions of the Circular shall come into force with immediate effect.
  7. This circular is being issued in exercise of powers conferred under Section 11 (1) of the Securities and Exchange Board of India Act, 1992 read with Regulation 51 of Securities Contracts (Regulation) (Stock Exchanges and Clearing Corporations) Regulations, 2018 and Section 19 of the Depositories Act, 1996 read with Regulation 97 of Securities and Exchange Board of India (Depositories and Participants) Regulations, 2018 to protect the interests of investors in securities and to promote the development of, and to regulate the securities market.
  8. The circular is issued with the approval of the competent authority

Circular

Read More on SEBI

CA Cult