Source: ET
Context:
The Securities and Exchange Board of India (SEBI) has issued clarifications on its Cybersecurity and Cyber Resilience Framework (CSCRF), introducing graded compliance norms to reduce the burden on smaller market intermediaries.
Key Highlight:
- Large entities (e.g., top brokers, clearing members, depositories): Must comply with stringent cybersecurity controls and strict timelines due to their higher systemic risk.
- Mid-sized entities: Moderate compliance requirements with some relaxations.
- Small entities (small brokers, portfolio managers, RIAs, etc.): Simplified norms and extended timelines to reduce operational burden.
Objectives:
- Ensure robust cyber resilience across the securities ecosystem.
- Apply “proportional regulation” so that smaller intermediaries are not overburdened.
- Strengthen investor confidence by protecting against cyber threats.
Cybersecurity and Cyber Resilience Framework (CSCRF) – SEBI
The CSCRF is a regulatory framework introduced by the Securities and Exchange Board of India (SEBI) to safeguard the securities market from cybersecurity risks and ensure that intermediaries can withstand, respond to, and recover from cyberattacks.
Objectives:
- Protect investors’ data and market infrastructure.
- Ensure continuity of critical market operations despite cyber incidents.
- Enhance trust and resilience in India’s securities market.
