News

To detect security lapses: Sebi wants cyber audit by bourses to be twice a year

To detect security lapses: Sebi wants cyber audit by bourses to be twice a year

Capital markets regulator Securities and Exchange Board of India (Sebi) on Friday mandated a compulsory comprehensive cyber audit of market infrastructure institutions (stock exchanges, depositories, clearing corporations) at least twice during the financial year. Further, along with the audit reports, the regulator has directed all MIIs to submit a declaration from MDs/CEOs “certifying compliance by the MII with all Sebi Circulars and advisories related to Cyber security issued from time to time.”

To detect security vulnerabilities in the IT (information technology) environment and for in-depth evaluation of security posture of the system, the regulator on Friday has asked authorities concerned to carry out periodic vulnerability assessment and penetration testing (VAPT), inter-alia including all critical assets and infrastructure components like servers, networking systems, security devices, load balancers, and other IT systems pertaining to the activities done as a role of MII.

Top