Sebi to expand scope of cybersecurity initiatives for MIIs
Regulator Sebi is planning to broaden the scope of cybersecurity initiatives for the market infrastructure institutions (MIIs) and look into the operational modalities of their implementation in order to deal with the cyber challenges. Enhancement of cybersecurity has been one of the priorities of the Securities and Exchange Board of India (Sebi) during the financial year 2017-18. “Taking cognizance of the threat posed by technological developments in the Indian capital markets and the rise of cyber threats in the financial domain across the globe, Sebi had laid down a detailed framework with regard to cyber security and cyber resilience that stock exchanges, clearing corporations and depositories are required to adopt,” the regulator said in its annual report for 2017-18.
Additionally, a high powered steering committee on cybersecurity was constituted which was chaired by a Whole Time Member of Sebi and created a cybersecurity cell to actively address cybersecurity issues.
“In 2017-18, Sebi had actively issued three advisories in the wake of ransomware attacks. Additionally, advisories were also issued based on inputs from the National Cyber Security Coordinator (NSCS),” the report said.
Last year, multiple incidents of ransomware attacks like WannaCry, Petya and Locky were reported globally.
As per the report, Sebi had compiled a list of cyber threat vectors and cyberattack scenarios, which was shared with the MIIs to aid them in dealing with the risks.
“As a pre-emptive measure to further enhance the safeguards placed to protect the systems of the Indian MIIs, Sebi had advised MIIs to put in controls based on its list of cyber threat vectors and cyberattack scenarios,” the report added.