Cyber security and cyber resilience obligations: market infrastructure institutions must implement controls to manage operational cyber risk and reporting. Imposes a mandatory Cyber Security and Cyber Resilience framework on Stock Exchanges, Clearing Corporations and Depositories requiring Board approved policies to identify critical assets, assess cyber risks, apply protection/detection/response/recovery processes, designate a CISO, adopt recognised standards, conduct vulnerability assessments and penetration testing, implement access controls, encryption and monitoring, perform incident drills and forensic investigations, submit quarterly reports to the regulator, and ensure vendor and staff security, training and audit coverage.
Cases where this provision is explicitly mentioned in the judgment/order text; may not be exhaustive. To view the complete list of cases mentioning this section, Click here.
Provisions expressly mentioned in the judgment/order text.
Cyber security and cyber resilience obligations: market infrastructure institutions must implement controls to manage operational cyber risk and reporting.
Imposes a mandatory Cyber Security and Cyber Resilience framework on Stock Exchanges, Clearing Corporations and Depositories requiring Board approved policies to identify critical assets, assess cyber risks, apply protection/detection/response/recovery processes, designate a CISO, adopt recognised standards, conduct vulnerability assessments and penetration testing, implement access controls, encryption and monitoring, perform incident drills and forensic investigations, submit quarterly reports to the regulator, and ensure vendor and staff security, training and audit coverage.
Full Summary is available for active users!
Note: It is a system-generated summary and is for quick reference only.