Sebi issues consultation paper on cyber security, resilience framework
Sippy said the framework is based on five simultaneous and continuous functions of cybersecurity as defined by NIST — identification, protection, detection, response, and recovery.
On Tuesday, SEBI came out with an advisory paper on strengthening the cybersecurity framework for the entities it regulates.
The advisory paper on “Unified Cyber Security and Cyber Resilience Framework (CSCRF) for SEBI Regulated Entities” looks at providing a common structure for multiple cyber security approaches to prevent any cyber risks/incidents.
Sippy said the framework is based on five simultaneous and continuous functions of cybersecurity as defined by NIST — identification, protection, detection, response, and recovery.
NIST stands for National Institute of Standards and Technology.
“All other defaulters should draft an updated Cyber Crisis Management Plan (CCMP),” the consultation paper said, adding that they would also have to develop a comprehensive Incident Response Management Plan and related Standard Operating Procedures.
“Alerts generated from monitoring and detection systems must be appropriately investigated for a root cause analysis (RCA),” he noted.
Comments on the consultation paper can be submitted to the organizer until 25 July.
(Only the title and image for this report may have been reworked by the Business Standard team; the rest of the content is generated automatically from a shared feed.)
First published: Jul 04 2023 | 11:34 p.m ist