wordpress blog stats
Connect with us

Hi, what are you looking for?

SEBI asks stock exchanges to implement a cyber security policy

Bombay Stock exchange - flickr

Markets regulator Securities and Exchange Board of India (SEBI) asked stock exchanges and other key entities to put necessary framework to safeguard systems, networks and databases from cyber attacks in place.

“Stock exchanges, depositories and clearing corporations are systemically important market infrastructure institutions (MIIs). As part of the operational risk management, these MIIs need to have robust cyber security framework to provide essential facilities and perform systemically critical functions relating to trading, clearing and settlement in securities market,”SEBI said in a circular. The regulator has asked these MIIs to put in place systems and also amend relevant by-laws within six months.

The regulator also added that once these cyber security policies are implemented by MIIs, it would review them every year. MIIs would also have to designate a senior official as chief information security officer whose function would be to assess, identify and reduce cyber security risks, respond to incidents and establish appropriate standards and controls.

The regulator also said that MIIs should send quarterly reports which contain information on cyber attacks and threats experienced by MII and measures taken to mitigate vulnerabilities, threats and attacks including information on bugs, vulnerabilities and threats that may be useful for other institutions.

SEBI also mandated that stock exchanges should ensure records of user access are uniquely identified and logged for audit and review purposes. “Such logs should be maintained and stored in encrypted form for a time period not less than two years,” SEBI said.

Other security measures by SEBI

– In 2013, the Indian government decided to include SEBI and Reserve Bank of India (RBI) among agencies that get access to Call Data Records (CDR) to help them track economic offences including insider trading.

– In August 2011, SEBI had sent a formal request to the Department of Telecommunications to include the board in the list of law enforcement or investigating agencies which can seek e-mail and call records from telecom service providers.

– In April 2013, SEBI was also looking to issue guidelines to companies on the use of Facebook, Twitter and social media for the dissemination of information to client. SEBI also plans to hire staff to sift through social media for stock market tip offs that could impact the stock prices before official announcements.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like


Sensitive card data belonging millions of Indians has been compromised and leaked on the dark web due to a security comprise at a server...


From January 15, all landline phones dialling mobile numbers will need to prefix “0” first, the Department of Telecommunications ordered on November 20 and...


Jobs listing website, IIMjobs.com, suffered a database breach on Monday exposing personal data of nearly 1.4 million users that were registered on the website....


The Department of Telecommunications (DoT) will put out a policy soon for the proliferation of public WiFi hotspots, a senior official said. “In the...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2018 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to Daily Newsletter

    © 2008-2018 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ