You are here: Home » Markets » News
Business Standard

Sebi asks market infra entities to set up a cyber security operation centre

Sebi said MIIs can choose from one of the four models to set up their cyber security operation centre

Press Trust of India  |  New Delhi 

Photo: Reuters

on Friday asked market to set up a round-the-clock cyber security operation centre manned by dedicated security analysts to identify, respond, recover and thwart

The cyber security operation centre (C-SOC) of market (MIIs) -- clearing corporations, depositories and exchanges-- need to prevent through proactive actions including continuous threat analysis.

Appropriate alert mechanisms should be implemented including a comprehensive dashboard, tracking of key security metrics and provide cyber threat scorecards, said in a circular.

In order to detect security incidents in real time, said, the centre should go for 24X7 monitoring and analysis of relevant logs of MII's network devices, data traffic, feeds sourced from reliable vendors, inputs received from other MIIs as also from external agencies such as CERT-In, among others.

The feeds should include cyber feeds, signature updates, incident reports, threat briefs, and vulnerability alerts.

The latest framework comes after Sebi, earlier this week, issued detailed guidelines on cyber security for stock brokers and depository participants.

ALSO READ: Cyberwars

The regulator has directed bourses, clearing corporations and depositories to take necessary steps to put in place appropriate systems and processes for implementation of the framework within six months.

According to Sebi, the centre should be headed by MII's chief information security officer, who will work closely with various departments including network team, cyber security team and IT. Such officer will directly report to the MD and CEO of the MII.

Sebi said MIIs can choose from one of the four models to set up their cyber security operation centre.

The models include -- MII's own C-SOC manned primarily by its internal staff; MII's own C-SOC, staffed by a service provider, but supervised by a full time staff of the MII.

The other two models to choose from are C-SOC that can be shared by the MII with its group entities; and C-SOC that may be shared by the MII with other Sebi recognised MIIs.

In case wherein a MII currently has a cyber security operation centre set-up that is different from that prescribed by Sebi, then such need "to adopt and transit to one of the models...within a period of one year".

A report on the functioning of the centre including details of faced by the MII, major cyber events warded off by the MII, cyber security breaches, need to be placed on a quarterly basis before the board of such infrastructure institutions.

First Published: Fri, December 07 2018. 18:55 IST