Sebi Friday asked market infrastructure institutions to set up a round-the-clock cyber security operation centre manned by dedicated security analysts to identify, respond, recover and thwart cyber attacks.
The cyber security operation centre (C-SOC) of market infrastructure institutions (MIIs) -- clearing corporations, depositories and exchanges-- need to prevent cyber attacks through proactive actions including continuous threat analysis.
In order to detect security incidents in real time, Sebi said, the centre should go for 24X7 monitoring and analysis of relevant logs of MII's network devices, data traffic, cyber intelligence feeds sourced from reliable vendors, inputs received from other MIIs as also from external agencies such as CERT-In, among others.
The regulator has directed bourses, clearing corporations and depositories to take necessary steps to put in place appropriate systems and processes for implementation of the framework within six months.
According to Sebi, the centre should be headed by MII's chief information security officer, who will work closely with various departments including network team, cyber security team and IT. Such officer will directly report to the MD and CEO of the MII.
The models include -- MII's own C-SOC manned primarily by its internal staff; MII's own C-SOC, staffed by a service provider, but supervised by a full time staff of the MII.
The other two models to choose from are C-SOC that can be shared by the MII with its group entities; and C-SOC that may be shared by the MII with other Sebi recognised MIIs.
In case wherein a MII currently has a cyber security operation centre set-up that is different from that prescribed by Sebi, then such infrastructure institutions need "to adopt and transit to one of the models...within a period of one year".
breaches need to be placed on a quarterly basis before the board of such infrastructure institutions.
(This story has not been edited by Devdiscourse staff and is auto-generated from a syndicated feed.)