https://www.taxtmi.com/circulars?id=59087 SEBI mandates all mutual funds and AMCs to adopt a board approved Cyber Security and Cyber Resilience framework requiring designation of a CISO, Technology Committee oversight, and implementation of the identify protect detect respond recover lifecycle. Operational controls include least privilege access, two factor authentication, encryption of data in motion and data at rest, hardened systems, patch management, VAPT and annual penetration testing, continuous monitoring and logging, incident response and recovery planning, quarterly reporting of cyber incidents to SEBI, anonymised threat sharing, periodic training, annual independent audits, and vendor compliance obligations. en-us Thu, 10 Jan 2019 00:00:00 +0530 Fri, 11 Jan 2019 18:11:00 +0530 TaxTMI RSS Generator https://www.taxtmi.com/circulars?id=59087 SEBI mandates all mutual funds and AMCs to adopt a board approved Cyber Security and Cyber Resilience framework requiring designation of a CISO, Technology Committee oversight, and implementation of the identify protect detect respond recover lifecycle. Operational controls include least privilege access, two factor authentication, encryption of data in motion and data at rest, hardened systems, patch management, VAPT and annual penetration testing, continuous monitoring and logging, incident response and recovery planning, quarterly reporting of cyber incidents to SEBI, anonymised threat sharing, periodic training, annual independent audits, and vendor compliance obligations. Circulars SEBI Thu, 10 Jan 2019 00:00:00 +0530 https://www.taxtmi.com/circulars?id=59087