New framework on consolidated cyber security

New DelhiMarkets watchdog Sebi has proposed a consolidated cyber security and cyber resilience framework wherein all regulated entities need to put in place an up-to-date cyber crisis management plan.

The framework has been mooted to further strengthen cyber-risks, incidents prevention, preparedness, and response capacities of the entities. Sebi has issued a consultation paper on ‘Consolidated Cyber Security and Cyber Resilience Framework (CSCRF) for Sebi Regulated Entities’ looks at providing a common structure for multiple approaches to cyber security to prevent any cyber-risks/incidents. Comments have been sought on the consultation paper till July 25. The Securities and Exchange Board of India (Sebi) said the framework is based on five concurrent and continuous functions of cyber security as defined by NIST -- Identify, Protect, Detect, Respond, and Recover. NIST refers to the National Institute of Standards and Technology.

According to Sebi, the framework will continue to be updated and improved as technology and the securities market evolves as different REs (Regulated Entities) provide their feedback.