All cyber attacks, threats, cyber incidents and breaches experienced by KRAs shall be reported to Sebi within six hours of noticing/detecting such incidents or being brought to notice about such incidents
KYC Registration Agencies (KRAs) have been told by capital markets regulator Sebi to report all cyber attacks, threats and breaches experienced by them within six hours of detecting such incidents. in accordance with the guidelines issued by CERT-In from time to time, the incident will also be reported to the Indian Computer Emergency Response team (CERT-In), according to a circular.
Additionally, the KRAs, whose systems have been identified as ‘protected system’ by National Critical Information Infrastructure Protection Centre (NCIIPC) will also report such incidents to NCIIPC.
“All cyber attacks, threats, cyber incidents and breaches experienced by KRAs shall be reported to Sebi within six hours of noticing/detecting such incidents or being brought to notice about such incidents,” the regulator said on Tuesday.
The quarterly reports containing information on cyber attacks, threats, cyber incidents and breaches experienced by the stock brokers and depository participants and measures taken to mitigate the vulnerabilities, including information on bugs vulnerabilities, threats that may be useful for others, will have to be submitted to Sebi within 15 days from the end of every quarter.
Through a dedicated e-mail id, this information will be shared to the Securities and Exchange Board of India (Sebi).
Last month, the regulator came out with a similar directive for stock brokers and depository participants.
Also read: Digital literacy helps us stay informed, connected, and safe
Do Follow: CIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter
CIO News, a proprietary of Mercadeo, produces award-winning content and resources for IT leaders across any industry through print articles and recorded video interviews on topics in the technology sector such as Digital Transformation, Artificial Intelligence (AI), Machine Learning (ML), Cloud, Robotics, Cyber-security, Data, Analytics, SOC, SASE, among other technology topics