{"id":59113,"date":"2022-07-04T11:40:03","date_gmt":"2022-07-04T06:10:03","guid":{"rendered":"https:\/\/enterslice.com\/learning\/?p=59113"},"modified":"2022-07-07T18:21:28","modified_gmt":"2022-07-07T12:51:28","slug":"sebi-modifies-cyber-resilience-framework-for-stock-brokers","status":"publish","type":"post","link":"https:\/\/enterslice.com\/learning\/sebi-modifies-cyber-resilience-framework-for-stock-brokers\/","title":{"rendered":"SEBI modifies cyber resilience framework for Stock Brokers\/ Depository Participants"},"content":{"rendered":"<p class=\"has-drop-cap\">On 30<sup>th<\/sup> June 2022, vide circular number SEBI\/HO\/MIRSD\/TPD\/P\/CIR\/2022\/93, a Circular was issued by the Securities and Exchange Board of India (SEBI) wherein SEBI modified the <strong><a href=\"https:\/\/enterslice.com\/cybersecurity-and-data-privacy\">cyber security<\/a><\/strong> and cyber resilience framework for Stock Brokers and Depository Participants. SEBI has mandated these entities to report incidents of data breaches, cyber-attacks and the like event to the Stock Exchanges\/ Depositories Participants within a period of 6 hours from noticing\/ detecting such event or being brought to the notice about such an incident. All the recognised stock exchanges and Depositories have been asked under this Circular to take corrective steps and mitigative strategies to prevent such events from taking place in future.&nbsp;<\/p>\n\n\n\n<p><strong>Who are the players to whom the circular on modified cyber resilience framework for Stock brokers and depository participants is applicable?<\/strong><\/p>\n\n\n\n<p>The Circular on Modification in Cyber security and Cyber resilience framework for Stock Brokers \/ Depository Participants&rdquo; is applicable to the following entities:<\/p>\n\n\n\n<ol type=\"1\"><li>All the Recognised Stock Exchanges<\/li><li>All the Depositories<\/li><\/ol>\n\n\n\n<h2 class=\"wp-block-heading\">Highlights of the Circular on modified cyber resilience framework for Stock brokers and depository participants&nbsp;&nbsp;&nbsp;<\/h2>\n\n\n\n<p><strong>Reporting of data breach incidents in 6 hours<\/strong><\/p>\n\n\n\n<p>The stock brokers and depository participants have been mandated by this Circular to report the incidents of data breach, cyber attacks and cyber threats directed toward the stock brokers and depository participants and SEBI within a period of 6 hours from noticing or detecting the above-mentioned incidents or when such incidents have brought within their notice.<\/p>\n\n\n\n<p><strong>Reporting of Incidents to CERT-In&nbsp;<\/strong><\/p>\n\n\n\n<p>Apart from reporting the above-mentioned incidents of data breach and cyber-attacks to Stock exchanges, depositories and SEBI, the stock brokers and depository participants have been instructed to report such incidents to Computer Emergency Response Team (CERT-In) in accordance with the directions\/ guidelines issued by the <strong>CERT-In<\/strong><sup><a href=\"https:\/\/en.wikipedia.org\/wiki\/Indian_Computer_Emergency_Response_Team\"><strong>[1]<\/strong><\/a><\/sup> from time to time.<\/p>\n\n\n\n<p><strong>Reporting to NCIIPC &nbsp;&nbsp;<\/strong><\/p>\n\n\n\n<p>Further, the depository participants or stock brokers whose systems have been identified as &ldquo;Protected systems&rdquo; by the National Critical Information Infrastructure Protection Centre (NCIIPC) are also bound to report such incidents to NCIIPC.<\/p>\n\n\n\n<p><strong>Submission of Quarterly Reports<\/strong><\/p>\n\n\n\n<p>The stock brokers and depository participants have been directed to submit quarterly reports containing information on cyber-attacks, cyber incidents, and cyber threats, along with the appropriate measures adopted by the stock brokers and depository participants to mitigate the vulnerabilities, attacks and threats, including information on vulnerabilities, threats and bugs which can be become useful for other Depository participants, stock brokers, stock exchanges, depositories and SEBI.<\/p>\n\n\n\n<p>Such reports shall be submitted to the stock exchanges and depositories within a period of 15 days from the quarter ended June, September, December and March every year.<\/p>\n\n\n\n<p><strong>Dedicated e-mail address<\/strong><\/p>\n\n\n\n<p>All the above-mentioned information shall be shared with SEBI through a dedicated e-mail address: <em>sbdp-cyberincidents@sebi.gov.in<\/em>.&nbsp;<\/p>\n\n\n\n<p><strong>Further steps to be taken by Depositories and Stock Exchanges&nbsp; &nbsp;<\/strong><\/p>\n\n\n\n<p>All the depositories and stock exchanges need to take the following steps:<\/p>\n\n\n\n<ol type=\"a\"><li>Necessary amendments have to be made to the bye-laws, rules and regulations for implementing the above criteria; and<\/li><li>The directions of this Circular need to be brought to the notice of their members and participants and also disseminated particulars of this Circular through their websites.<\/li><\/ol>\n\n\n\n<h2 class=\"wp-block-heading\">Date of coming into effect<\/h2>\n\n\n\n<p>The directions in this Circular shall come into effect immediately, i.e. from 30th June 2022 only, and all the stock brokers and depository participants need to comply with the modified cyber resilience framework with immediate effect. &nbsp;&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Conclusion<\/h2>\n\n\n\n<p>This Circular on modification in the cyber resilience framework for Stock Brokers or Depository Participants have been brought after exercising the powers conferred on the SEBI under sub-section 1 of section 11 of the SEBI Act, 1992 with an intent to protect the interests of the investors in the securities <a class=\"glossaryLink\"  aria-describedby=\"tt\"  data-cmtooltip=\"&lt;div class=glossaryItemTitle&gt;Market&lt;\/div&gt;&lt;div class=glossaryItemBody&gt;A market is a structured environment, either physical or virtual, where buyers and sellers convene to trade goods and services. This trading hub operates based on the principles of supply and(...)&lt;\/div&gt;\"  href=\"https:\/\/enterslice.com\/learning\/terms\/market\/\"  data-gt-translate-attributes='[{\"attribute\":\"data-cmtooltip\", \"format\":\"html\"}]'>market<\/a> and also to promote the development and regulate the securities market.&nbsp;<\/p>\n\n\n\n<p class=\"text-left\"><b>Read our Article<\/b>: <mark style=\"background: #fffd03 !important;\"><a href=\"https:\/\/enterslice.com\/learning\/cyber-security-framework-for-stock-brokers\/\">SEBI modifies cyber security framework for Stock Brokers\/ Depository Participants<\/a><\/mark><\/p>\n\n\n<a href=\"https:\/\/enterslice.com\/learning\/wp-content\/uploads\/2022\/07\/1656589407326.pdf\" class=\"pdfemb-viewer\" style=\"width: 767px; \" data-width=\"767\" data-height=\"max\" data-toolbar=\"bottom\" data-toolbar-fixed=\"on\">1656589407326<br><\/a>\n<p class=\"wp-block-pdfemb-pdf-embedder-viewer\"><\/p>\n","protected":false},"excerpt":{"rendered":"<p>On 30th June 2022, vide circular number SEBI\/HO\/MIRSD\/TPD\/P\/CIR\/2022\/93, a Circular was issued by the Securities and Exchange Board of India (SEBI) wherein SEBI modified the cyber security and cyber resilience framework for Stock Brokers and Depository Participants. SEBI has mandated these entities to report incidents of data breaches, cyber-attacks and the like event to the [&hellip;]<\/p>\n","protected":false},"author":59,"featured_media":59114,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[2828],"tags":[4587],"acf":{"service_id":"227"},"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v14.6.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>SEBI modifies cyber resilience framework for Stock Brokers<\/title>\n<meta name=\"description\" content=\"Securities and Exchange Board of India (SEBI) modified the cyber security and cyber resilience framework for Stock Brokers and Depository Participants.\" \/>\n<meta name=\"robots\" content=\"index, follow\" \/>\n<meta name=\"googlebot\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta name=\"bingbot\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/enterslice.com\/learning\/sebi-modifies-cyber-resilience-framework-for-stock-brokers\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SEBI modifies cyber resilience framework for Stock Brokers\" \/>\n<meta property=\"og:description\" content=\"Securities and Exchange Board of India (SEBI) modified the cyber security and cyber resilience framework for Stock Brokers and Depository Participants.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/enterslice.com\/learning\/sebi-modifies-cyber-resilience-framework-for-stock-brokers\/\" \/>\n<meta property=\"og:site_name\" content=\"Enterslice\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/enterslice\" \/>\n<meta property=\"article:author\" content=\"omvir\" \/>\n<meta property=\"article:published_time\" content=\"2022-07-04T06:10:03+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-07-07T12:51:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/enterslice.com\/learning\/wp-content\/uploads\/2022\/07\/SEBI-modifies-cyber-resilience-framework-for-Stock-Brokers-Depository-Participants.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"670\" \/>\n\t<meta property=\"og:image:height\" content=\"352\" \/>\n<meta name=\"twitter:card\" content=\"summary\" \/>\n<meta name=\"twitter:creator\" content=\"@enterslice\" \/>\n<meta name=\"twitter:site\" content=\"@enterslice\" \/>\n<!-- \/ Yoast SEO plugin. -->","authorName":"Prabhat Nigam","authorImageUrl":"https:\/\/enterslice.com\/learning\/wp-content\/uploads\/2021\/12\/prabhat.nigam_.jpg","authorDescription":"Prabhat has done his BA LLB (Hons) and has been writing research papers since his law school days. His interest in content writing made him pursue a career in legal research and content writing. His core areas of interest are indirect taxes, finance and real estate.","postViews":433,"readingTime":3,"nextPost":{"id":59123,"slug":"interim-financial-reporting-advantages-and-disadvantages"},"prevPost":{"id":59105,"slug":"new-guidelines-for-tds-on-virtual-digital-asset-and-cryptocurrency-cbdt"},"featuredMediaUrl":"https:\/\/enterslice.com\/learning\/wp-content\/uploads\/2022\/07\/SEBI-modifies-cyber-resilience-framework-for-Stock-Brokers-Depository-Participants.jpg","postTerms":"SEBI","_links":{"self":[{"href":"https:\/\/enterslice.com\/learning\/wp-json\/wp\/v2\/posts\/59113"}],"collection":[{"href":"https:\/\/enterslice.com\/learning\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/enterslice.com\/learning\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/enterslice.com\/learning\/wp-json\/wp\/v2\/users\/59"}],"replies":[{"embeddable":true,"href":"https:\/\/enterslice.com\/learning\/wp-json\/wp\/v2\/comments?post=59113"}],"version-history":[{"count":0,"href":"https:\/\/enterslice.com\/learning\/wp-json\/wp\/v2\/posts\/59113\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/enterslice.com\/learning\/wp-json\/wp\/v2\/media\/59114"}],"wp:attachment":[{"href":"https:\/\/enterslice.com\/learning\/wp-json\/wp\/v2\/media?parent=59113"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/enterslice.com\/learning\/wp-json\/wp\/v2\/categories?post=59113"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/enterslice.com\/learning\/wp-json\/wp\/v2\/tags?post=59113"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}