<?xml version="1.0" encoding="UTF-8"?>
<?xml-stylesheet type="text/xsl" href="https://www.taxtmi.com/rss_sitemap/rss_feed_blog.xsl?v=1750492856"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
  <channel>
    <title>Guidelines for MIIs regarding Cyber security and Cyber resilience</title>
    <link>https://www.taxtmi.com/circulars?id=66785</link>
    <description>SEBI mandates immediate compliance by MIIs with prescribed cybersecurity and cyber resilience measures, to be reported with statutory cybersecurity audits and implemented within 120 days. Required measures include encrypted offline backups tested quarterly; gold images and spare hardware for rapid rebuilds; vulnerability scanning and quarterly patch reviews; endpoint protection, application whitelisting, MFA, least privilege controls and privileged access management; secure Active Directory and domain controller practices with penetration testing; network and API whitelisting, DNS filtering and DNS Sec; detailed log retention; controlled remote access; SOPs to implement government cybersecurity advisories; business continuity drills including ransomware scenarios; and vendor/linked MII inclusion in recovery testing.</description>
    <language>en-us</language>
    <pubDate>Tue, 29 Aug 2023 00:00:00 +0530</pubDate>
    <lastBuildDate>Tue, 29 Aug 2023 17:30:00 +0530</lastBuildDate>
    <generator>TaxTMI RSS Generator</generator>
    <atom:link href="https://www.taxtmi.com/rss_feed_blog?id=724574" rel="self" type="application/rss+xml"/>
    <item>
      <title>Guidelines for MIIs regarding Cyber security and Cyber resilience</title>
      <link>https://www.taxtmi.com/circulars?id=66785</link>
      <description>SEBI mandates immediate compliance by MIIs with prescribed cybersecurity and cyber resilience measures, to be reported with statutory cybersecurity audits and implemented within 120 days. Required measures include encrypted offline backups tested quarterly; gold images and spare hardware for rapid rebuilds; vulnerability scanning and quarterly patch reviews; endpoint protection, application whitelisting, MFA, least privilege controls and privileged access management; secure Active Directory and domain controller practices with penetration testing; network and API whitelisting, DNS filtering and DNS Sec; detailed log retention; controlled remote access; SOPs to implement government cybersecurity advisories; business continuity drills including ransomware scenarios; and vendor/linked MII inclusion in recovery testing.</description>
      <category>Circulars</category>
      <law>SEBI</law>
      <pubDate>Tue, 29 Aug 2023 00:00:00 +0530</pubDate>
      <guid isPermaLink="true">https://www.taxtmi.com/circulars?id=66785</guid>
    </item>
  </channel>
</rss>