Advisory Services
Audit
Consulting
ESG Advisory
RBI Registration
SEBI Registration
IRDA Registration
FEMA Advisory
Compliances
IBC Services
VCFO Services
Growing
Developing
ME-1
ME-2
EU-1
EU-2
SE
Others
Select Your Location
On 30th June 2022, vide circular number SEBI/HO/MIRSD/TPD/P/CIR/2022/93, a Circular was issued by the Securities and Exchange Board of India (SEBI) wherein SEBI modified the cyber security and cyber resilience framework for Stock Brokers and Depository Participants. SEBI has mandated these entities to report incidents of data breaches, cyber-attacks and the like event to the Stock Exchanges/ Depositories Participants within a period of 6 hours from noticing/ detecting such event or being brought to the notice about such an incident. All the recognised stock exchanges and Depositories have been asked under this Circular to take corrective steps and mitigative strategies to prevent such events from taking place in future.
Who are the players to whom the circular on modified cyber resilience framework for Stock brokers and depository participants is applicable?
The Circular on Modification in Cyber security and Cyber resilience framework for Stock Brokers / Depository Participants” is applicable to the following entities:
Reporting of data breach incidents in 6 hours
The stock brokers and depository participants have been mandated by this Circular to report the incidents of data breach, cyber attacks and cyber threats directed toward the stock brokers and depository participants and SEBI within a period of 6 hours from noticing or detecting the above-mentioned incidents or when such incidents have brought within their notice.
Reporting of Incidents to CERT-In
Apart from reporting the above-mentioned incidents of data breach and cyber-attacks to Stock exchanges, depositories and SEBI, the stock brokers and depository participants have been instructed to report such incidents to Computer Emergency Response Team (CERT-In) in accordance with the directions/ guidelines issued by the CERT-In[1] from time to time.
Reporting to NCIIPC
Further, the depository participants or stock brokers whose systems have been identified as “Protected systems” by the National Critical Information Infrastructure Protection Centre (NCIIPC) are also bound to report such incidents to NCIIPC.
Submission of Quarterly Reports
The stock brokers and depository participants have been directed to submit quarterly reports containing information on cyber-attacks, cyber incidents, and cyber threats, along with the appropriate measures adopted by the stock brokers and depository participants to mitigate the vulnerabilities, attacks and threats, including information on vulnerabilities, threats and bugs which can be become useful for other Depository participants, stock brokers, stock exchanges, depositories and SEBI.
Such reports shall be submitted to the stock exchanges and depositories within a period of 15 days from the quarter ended June, September, December and March every year.
Dedicated e-mail address
All the above-mentioned information shall be shared with SEBI through a dedicated e-mail address: sbdp-cyberincidents@sebi.gov.in.
Further steps to be taken by Depositories and Stock Exchanges
All the depositories and stock exchanges need to take the following steps:
The directions in this Circular shall come into effect immediately, i.e. from 30th June 2022 only, and all the stock brokers and depository participants need to comply with the modified cyber resilience framework with immediate effect.
This Circular on modification in the cyber resilience framework for Stock Brokers or Depository Participants have been brought after exercising the powers conferred on the SEBI under sub-section 1 of section 11 of the SEBI Act, 1992 with an intent to protect the interests of the investors in the securities market and also to promote the development and regulate the securities market.
Read our Article: SEBI modifies cyber security framework for Stock Brokers/ Depository Participants
Prabhat has done his BA LLB (Hons) and has been writing research papers since his law school days. His interest in content writing made him pursue a career in legal research and content writing. His core areas of interest are indirect taxes, finance and real estate.
On 18th May 2023, the Securities Exchange Board of India (SEBI) released a Consultation Paper o...
Infrastructure and real estate have been regarded as India's "sunshine sector" since the turn o...
On 22nd May 2023, the Central Board of Direct Taxes (CBDT)[1] issued a new circular under secti...
Anyone can have different sources of income. With globalization and the opening up of economies...
The Reserve Bank of India (RBI) is crucial in regulating NBFC, including branch openings and cl...
In India, Non-Banking Financial Companies are subject to certain restrictions from taking publi...
It's usually a good idea to diversify the assets in your financial portfolio, especially during...
A nation is being built by the non-banking finance company through the development of wealth, t...
A corporate entity known as a portfolio manager complies with a contract or agreement with the...
Identifying and analysing risks associated with individual portfolio investments, such as equit...
Are you human?: 9 + 2 =
Easy Payment Options Available No Spam. No Sharing. 100% Confidentiality
The Securities and Exchange Board of India has proposed compliance standards for index providers with a view to inc...
11 Jan, 2021
On 3rd June 2022, vide circular number SEBI/HO/DDHS/DDHS_Div2/P/CIR/2022/079, a Circular was issued by the Securiti...
08 Jun, 2022
Red Herring Top 100 Asia enlists outstanding entrepreneurs and promising companies. It selects the award winners from approximately 2000 privately financed companies each year in the Asia. Since 1996, Red Herring has kept tabs on these up-and-comers. Red Herring editors were among the first to recognize that companies such as Google, Facebook, Kakao, Alibaba, Twitter, Rakuten, Salesforce.com, Xiaomi and YouTube would change the way we live and work.
Researchers have found out that organization using new technologies in their accounting and tax have better productivity as compared to those using the traditional methods. Complying with the recent technological trends in the accounting industry, Enterslice was formed to focus on the emerging start up companies and bring innovation in their traditional Chartered Accountants & Legal profession services, disrupt traditional Chartered Accountants practice mechanism & Lawyers.
Stay updated with all the latest legal updates. Just enter your email address and subscribe for free!
Chat on Whatsapp
Hey I'm Suman. Let's Talk!