Sebi on Tuesday came out with a consultation paper on boosting cyber security framework for entities regulated by it.
The consultation paper on 'Consolidated Cyber security and Cyber Resilience Framework (CSCRF) for Sebi Regulated Entities' looks at providing a common structure for multiple approaches to cyber security to prevent any cyber-risks/incidents.
Sebi said the framework is based on five concurrent and continuous functions of cyber security as defined by NIST -- Identify, Protect, Detect, Respond, and Recover.
NIST refers to the National Institute of Standards and Technology.
"All REs shall formulate an up-to-date Cyber Crisis Management Plan (CCMP)," the consultation paper said, adding that they would also have to put in place comprehensive incident response management plan and respective Standard Operating Procedures (SOPs).
"Alerts generated from monitoring and detection systems shall be suitably investigated for Root Cause Analysis (RCA)," it noted.
Comments on the consultation paper can be submitted to the regulator till July 25.
(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)