December 09, 2018:

Lately Sebi issued detailed guidelines on cyber security for stock brokers & depository participants.

Market regulator Sebi on Friday directed market infrastructure firms to set up cybersecurity operations centres manned by security analysts that will monitor systems round-the-clock to identify, respond to & defend against cyber attacks.

According to Sebi’s circular, cyber security operation centres (C-SOC) of market infrastructure institutions (MIIs) like clearing corporations, depositories & exchanges need to prevent cyber attacks through proactive actions including continuous threat analysis.

According to the circular, Sebi has asked MIIs to “network & host scanning for vulnerabilities & breaches, countermeasure deployment coordination, deploy adequate & appropriate technology at the perimeter to prevent attacks originating from external environments & internal controls to manage insider threats”.

“MIIs may implement necessary controls to achieve zero trust security model,” it added.

Appropriate alert mechanisms such as a comprehensive dashboard, tracking of key security metrics & provide cyber threat scorecards should be implemented, Sebi directed.

In order to detect security incidents in real time, Sebi said, the centre should go for 24X7 monitoring & analysis of relevant logs of MII’s network devices, data traffic, cyber intelligence feeds sourced from reliable vendors, inputs received from other MIIs as also from external agencies such as CERT-In, among others.

Six months granted The move comes after Sebi issued detailed guidelines on cyber security for stock brokers & depository participants.

The regulator has directed bourses, clearing corporations & depositories to put in place systems for implementation within six months. Source Link

Picture Source :