Register Price / Packages DEMO Option My Bookmarks Daily Newsletters Feedback/ Suggestions
Tax Management India. Com
Law and Practice  :  Digital eBook
Research is most exciting & rewarding


Case Laws Acts Notifications Circulars Classification Forms Manuals Articles News D. Forum Highlights Notes
TMI - e-Newsletter     TaxTMI    Money Laundering - The petitioner sought exemption...     TaxTMI    Refund with interest - statutory period of 60 days...     TaxTMI    Illegal arrest or not - detention for more than 24...     TaxTMI    Validity of assessment order - The court noted that...     TaxTMI    Levy of GST - Place of supply - Tax imposed on...     TaxTMI    Validity of reduction of fine and penalty -...     TaxTMI    Addition u/s 68 - burden of proof - share...     TaxTMI    LTCG - exemption claimed u/s 54F - fractional...     TaxTMI    Validity of assessment order - Best judgment...     TaxTMI    Nature of land sold - agricultural land - distance...     TaxTMI    The Allahabad High Court addressed the denial of a...     TaxTMI    Demand of interest u/s 50 - default in filing the...     TaxTMI    Condonation of delay in filing income tax return...     TaxTMI    Service of SCN - plea of not having accessed the...     TaxTMI    Condonation of delay in filing an appeal before the...     TaxTMI    Latest Case-Laws     TaxTMI    Latest Notifications + Circulars     TaxTMI    GST Council Decisions     TaxTMI       Right Stop
  TMI - Tax Management India. Com
Follow us:
  Facebook   Twitter   Linkedin   Telegram

TMI Blog

Home

Guidelines for MIIs regarding Cyber security and Cyber resilience

X X   X X   Extracts   X X   X X

→ Full Text of the Document

X X   X X   Extracts   X X   X X

..... MIIs) need to have robust cyber security framework to provide essential facilities and perform systemically critical functions relating to trading, clearing and settlement in securities market. It is also important that MIIs establish and continuously improve their Information Technology(IT) processes and controls to preserve confidentiality, integrity and availability of data and IT systems. 2. With the change in market dynamics in the Indian Securities markets, the interdependence among the MIIs has seen significant increase. Considering the interconnectedness and interdependency of the MIIs to carry out their functions, the cyber risk of any given MII is no longer limited to the MII s owned or controlled systems, networks and assets. .....

X X   X X   Extracts   X X   X X

→ Full Text of the Document

X X   X X   Extracts   X X   X X

..... Corporations) Regulations, 2018 and Section 19 of the Depositories Act, 1996 read with Regulation 97 of Securities and Exchange Board of India (Depositories and Participants) Regulations, 2018 to protect the interests of investors in securities and to promote the development of, and to regulate the securities market. 9. The circular is issued with the approval of Competent Authority. 10. This circular is available on SEBI website at www.sebi.gov.in under the category Legal and dropdown Circulars . Yours faithfully, Ansuman Dev Pradhan Deputy General Manager +91-22-26449622 ansumanp@sebi.gov.in Annexure-A MIIs are required to implement the following practices: - 1) MIIs shall maintain off .....

X X   X X   Extracts   X X   X X

→ Full Text of the Document

X X   X X   Extracts   X X   X X

..... o deal with such attacks. 5) MIIs should conduct regular vulnerability scanning to identify and address vulnerabilities, especially those on internet-facing devices, to limit the attack surface. 6) MIIs should patch and update software and OSs to the latest available versions and it must be reviewed on a quarterly basis to ensure the implementation of the same. 7) MIIs should implement a cybersecurity user awareness and training program that includes guidance on how to identify and report suspicious activity (e.g. phishing) or incidents. 8) MIIs should implement filters at the email gateway to filter out emails with known malicious indicators, such as known malicious subject lines, and block suspicious Internet Protocol (IP) add .....

X X   X X   Extracts   X X   X X

→ Full Text of the Document

X X   X X   Extracts   X X   X X

..... should ensure that DCs are patched as and when patch is released and it must be reviewed on a quarterly basis to ensure the implementation of the same. b) MIIs should ensure that no unnecessary software is installed on DCs, as these can be leveraged to run arbitrary code on the system. c) MIIs should ensure that access to DCs should be restricted to the Administrators group- Users within this group should be limited and have separate accounts used for day-to-day operations with non-administrative permissions. d) MIIs should ensure that DC host firewalls are configured to prevent direct internet access. e) MIIs shall undertake the penetration testing activity (internal and external) for known Active Directory Domain Controller a .....

X X   X X   Extracts   X X   X X

→ Full Text of the Document

X X   X X   Extracts   X X   X X

..... ons (DNS-Sec) for secure communication shall be used. 23) Management of the critical servers / applications / services / network elements should only be restricted through enterprise identified intranet systems. 24) MIIs should have system(s) in place to manage and incorporate IOCs /malware alert/vulnerability-alert (received from CERT-in or NCIIPC or any linked MII or any other government agency) in their systems. 25) MIIs shall devise standard operating procedure (SoP) to implement the advisories issued by CERT-In, NCIIPC or any other government agency in their IT environment within defined timeframe and the said SoP shall be shared with SEBI. 26) MII s response and recovery plan should be subjected to review and testing. Test .....

X X   X X   Extracts   X X   X X

→ Full Text of the Document

X X   X X   Extracts   X X   X X

 

 

 

 

Quick Updates:Latest Updates

What's New:
    Latest Case Laws
What's New:
    Latest Notifications
What's New:
    Latest Circulars
F: Partner Remuneration
F: notice u/s 73 converted to 74
H: Jurisdiction - power of Joint Commissioner (Investigation) Enforcement...
H: Valuation of export goods - Iron Ore Fines - transaction value - FOB p...
H: Foreign Tax Credit (FTC) u/s 90 r.w. Article 25 India US Treaty (DTAA)...
H: Levy of GST on Extra Neutral Alcohol (ENA) supplied by the petitioner ...
H: Liability to pay Service Tax when the main contractor has already paid...
H: Implementation of the Resolution Plan and change in management and con...
N: Rate of exchange of one unit of foreign currency equivalent to Indian ...
H: Addition u/s 50C r.w.s. 56(2)(vii) (b) - the buyer of the property - T...
H: Cancellation of warehouse licenses - Penalty u/s 117 - The Tribunal fo...
N: Seeks to impose Anti-dumping duty on import of Pentaerythritol from Ch...
H: Freezing the Demat Accounts of the petitioners - The Calcutta High Cou...
H: Assessment against non existent company - name of company struck off b...
H: Computation of capital Gain - Disallowance being expenses towards the ...
H: CENVAT Credit - exempt service or not - amount of interest received by...
H: Levy of safeguard duty - Determination of effective date and time of i...
H: Dishonour of Cheque - vicarious liability - Whether service of notice ...
H: Defreezing of bank accounts - Implication of Non-Reporting of Seizure ...
A: ITC is not available for the construction of the immovable property fo...
A: CORE BANKING SYSTEM
A: Liability to pay GST under RCM goes beyond taxable territory
F: composition dealer - DRC - 01
N: Seeks to amend No. 18/2022-Central Excise, dated the 19th July, 2022 t...
N: Fixation of Tariff Value of Edible Oils, Brass Scrap, Areca Nut, Gold ...
A: Deciphering GST Notification: Tax Implications of Corporate Guarantees
A: Tax leviable at 12 percent on Mango Pulp from the beginning of GST
A: ONUS IS ON THE PART OF SERVICE PROVIDER TO PROVE THAT THE SERVICES ARE...
A: GSTR 2A and GSTR 3B during 2018-19
A: Delhi Court rules against ITC denial to NBFCs’ recovery agents.