Bom HC: Person Cannot be Deprived of Right to Sleep by Recording Statements at Unearthly Hours  ||  Supreme Court: Enable E-Filing & Virtual Appearance Facilities At UP District Courts  ||  Supreme Court: Regulations of University Grants Commission are Binding on Universities  ||  Ker. HC: Assessment Order Quashed on Finding that Assessee Not Provided Effective Hearing  ||  Bom. HC: All Necessary Measures to be Taken to Prevent Law & Order Breach During Ram Navami Rally  ||  Del. HC: False Accusation of Child Abuse More Painful than Rigours of Trial and Imprisonment  ||  Supreme Court: Actual Statement Made by Person in the Court is Evidence Before Court  ||  Bombay HC: Court Setting Aside Magistrate's Order for Police Investi. Won’t Lead to Quashing of FIR  ||  SC: Evidence by Power of Attorney Holders Can Only be Given of Facts Within Their Personal Knowledge  ||  Delhi High Court: Compensation Can be Awarded on Guesswork When it is Difficult to Prove Loss    

Guidelines for MIIs Regarding Cyber Security and Cyber Resilience- (Securities and Exchange Board of India) (29 Aug 2023)

MANU/SSMD/0036/2023

Capital Market

1. Market Infrastructure Institutions (i.e. Stock Exchanges, Clearing Corporations and Depositories) are systemically important institutions as they, inter-alia, provide infrastructure necessary for the smooth and uninterrupted functioning of the securities market. As part of the operational risk management, these Market Infrastructure Institutions (MIIs) need to have robust cyber security framework to provide essential facilities and perform systemically critical functions relating to trading, clearing and settlement in securities market. It is also important that MIIs establish and continuously improve their Information Technology (IT) processes and controls to preserve confidentiality, integrity and availability of data and IT systems.

2. With the change in market dynamics in the Indian Securities markets, the interdependence among the MIIs has seen significant increase. Considering the interconnectedness and interdependency of the MIIs to carry out their functions, the cyber risk of any given MII is no longer limited to the Mil's owned or controlled systems, networks and assets.

3. In view of the above, based on the recommendations of the High Powered Steering Committee on Cyber Security of SEBI and in consultation with MIIs, it has been decided to issue guidelines for strengthening the existing cyber security and cyber resilience framework of MIIs. The said guidelines are placed at Annexure-A and MIIs are required to comply with the same.

4. These guidelines should be read in conjunction with the applicable SEBI circulars (including but not limited to that relating to Cybersecurity and Cyber Resilience framework, System and Network Audit framework, etc.) and subsequent updates issued by SEBI from time to time.

5. The compliance of the guidelines shall be provided by the MIIs along with their cybersecurity audit report (conducted as per the applicable SEBI Cybersecurity and Cyber Resilience framework). The compliance shall be submitted as per the existing reporting mechanism.

6. The provisions of the Circular shall come into force with immediate effect.

7. MIIs are required to take necessary steps to put in place systems for implementation of the circular, including necessary amendments to the relevant bye-laws, rules and regulations, if any, within 120 days from the date of the circular.

8. This circular is being issued in exercise of powers conferred under Section 11 (1) of the Securities and Exchange Board of India Act, 1992 , read with Regulation 51 of the Securities Contracts (Regulation) (Stock Exchanges and Clearing Corporations) Regulations, 2018 and Section 19 of the Depositories Act, 1996 read with Regulation 97 of Securities and Exchange Board of India (Depositories and Participants) Regulations, 2018 to protect the interests of investors in securities and to promote the development of, and to regulate the securities market.

9. The circular is issued with the approval of Competent Authority.

Tags : GUIDELINES   CYBER SECURITY   CYBER RESILIENCE  

Share :        

Disclaimer | Copyright 2024 - All Rights Reserved