Advisory for SEBI Regulated Entities (REs) regarding Cybersecurity best practices

Extracts

....ctor organizations, stock exchanges, depositories, mutual funds and other financial entities have been experiencing cyber incidents that are rapidly growing in frequency and sophistication. Considering the interconnectedness and interdependency of financial entities in carrying out their functions, the cyber risk of any given entity is no longer limited to the systems, networks and assets that the entity owns or controls 2. Further, given the sophistication and persistence of the threat, with a high level of coordination among threat actors, it is important to recognize that many traditional approaches to risk management and governance that worked in the past may not be comprehensive or agile enough to address the rapid changes in the threat ....


.... 022-26449509 Email: [email protected]

Annexure-A

In view of the increasing cybersecurity threat to the securities market, SEBI Regulated Entities (REs) are advised to implement the following practices as recommended by CSIRT-Fin:

1. Roles and Responsibilities of Chief Information Security Officer (CISO)/ Designated Officer: REs are advised to define the roles and responsibilities of the Chief Information Security Officer (CISO) and other senior personnel. Reporting and compliance requirements shall be clearly specified in the security policy.

2. Measures against Phishing attacks/ websites:
   i. The REs need to proactively monitor cyberspace to identify phishing websites with respect to the REs' domains and report them to CSIRT-Fin/CERT-In for....


....ent response plan.
   ii. Enforce effective data protection, backup, and recovery measures.
   iii. Encryption of data at rest should be implemented to prevent an attacker from accessing unencrypted data.
   iv. Identify and classify sensitive and Personally Identifiable Information (PII) data and apply measures for encrypting such data in transit and at rest.
   v. Deploy data leakage prevention (DLP) solutions / processes.

5. Log retention: A strong log retention policy should be implemented as per extant SEBI regulations and as required by CERT-In and the IT Act 2000. REs are advised to audit that all logs are being collected. All logs of events and incidents should be monitored to identify unusual patterns and behaviours.

6. Pa....


....lock these before receiving and downloading messages. Scan all emails, attachments, and downloads both on the host and at the mail gateway with a reputable antivirus solution.
   ii. Block malicious domains/IPs after diligently verifying them, without impacting operations. The CSIRT-Fin/CERT-In advisories that are published periodically should be referred to for the latest malicious domains/IPs, C&C DNS and links.
   iii. Restrict execution of "powershell" and "wscript" in the enterprise environment, if not required. Ensure installation and use of the latest version of PowerShell, with enhanced logging enabled: script block logging and transcription enabled. Send the associated logs to a centralized log repository for monitoring ....
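The PowerShell logging controls in item iii above, as an added example that is not part of the SEBI advisory: a script that audits the policy registry values behind the Script Block Logging, Transcription and Module Logging Group Policy settings and writes them where they differ. The transcript directory, the `$Desired` table and the function names are assumptions made for this example.

```powershell
# Added example, not part of the SEBI advisory: audit and enforce the PowerShell
# logging settings item iii calls for, using the policy registry keys that the
# Script Block Logging, Transcription and Module Logging Group Policy settings write.
#Requires -RunAsAdministrator

$Base          = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell'
$TranscriptDir = 'C:\PSTranscripts'   # assumed local staging path for transcripts

# Desired state: policy key -> value names and values (1 = enabled).
$Desired = @{
    "$Base\ScriptBlockLogging" = @{ EnableScriptBlockLogging = 1; EnableScriptBlockInvocationLogging = 1 }
    "$Base\Transcription"      = @{ EnableTranscripting = 1; EnableInvocationHeader = 1; OutputDirectory = $TranscriptDir }
    "$Base\ModuleLogging"      = @{ EnableModuleLogging = 1 }
}
function Get-PSLoggingDrift {
    # Emits one object per setting whose current registry value differs from $Desired.
    foreach ($key in $Desired.Keys) {
        $current = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
        foreach ($name in $Desired[$key].Keys) {
            $want = $Desired[$key][$name]
            $have = if ($current) { $current.$name } else { $null }
            if ("$have" -ne "$want") {
                [pscustomobject]@{ Key = $key; Name = $name; Current = $have; Desired = $want }
            }
        }
    }
}

function Set-PSLoggingPolicy {
    # Creates missing policy keys and writes the desired values with the right registry types.
    foreach ($key in $Desired.Keys) {
        if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
        foreach ($name in $Desired[$key].Keys) {
            $value = $Desired[$key][$name]
            $type  = if ($value -is [int]) { 'DWord' } else { 'String' }
            New-ItemProperty -Path $key -Name $name -Value $value -PropertyType $type -Force | Out-Null
        }
    }
    # Module logging only covers modules listed under ModuleNames; '*' means all modules.
    $mods = "$Base\ModuleLogging\ModuleNames"
    if (-not (Test-Path $mods)) { New-Item -Path $mods -Force | Out-Null }
    New-ItemProperty -Path $mods -Name '*' -Value '*' -PropertyType String -Force | Out-Null
    if (-not (Test-Path $TranscriptDir)) { New-Item -ItemType Directory -Path $TranscriptDir | Out-Null }
}

$drift = @(Get-PSLoggingDrift)
if ($drift.Count -gt 0) { $drift | Format-Table -AutoSize; Set-PSLoggingPolicy }

# Verify: script block logging records event ID 4104 in this channel.
Get-WinEvent -FilterHashtable @{ LogName = 'Microsoft-Windows-PowerShell/Operational'; Id = 4104 } -MaxEvents 5 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, @{ n = 'Snippet'; e = { $_.Message.Substring(0, [Math]::Min(80, $_.Message.Length)) } }
```

Forwarding the Microsoft-Windows-PowerShell/Operational channel and the transcript directory to the centralized log repository (for example via Windows Event Forwarding or a log agent) is the separate step the advisory asks for and is not shown here.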