Securities and Exchange Board of India (SEBI) is mulling on bolstering its cybersecurity infrastructure as a preventive measure against all vectors of cyber attacks. This comes in the wake of several cyber attacks across the globe and the apparent scenario where SEBI might be a potential target. It is also mulling on increasing its cybersecurity workforce. SEBI has already instructed stock exchanges and other organizations to watch out for threats and attacks.
“A robust cybersecurity and cyber resilience framework should identify the plausible sources of operational risk, both internal and external, and mitigate the impact through the use of appropriate systems, policies, procedures, and controls,” stated SEBI in a statement. “Systems should be designed to ensure a high degree of security and operational reliability and should have adequate, scalable capacity. Business continuity management should aim for timely recovery of operations and fulfilment of its obligation in the event of cyber attack.”
According to a PTI report, “The regulator plans to hire four Grade A officers in its information technology stream and wants the aspirants to have extensive experience in cyber security space (…) who have knowledge of global best practices in the area of cyber security and information technology and are familiar with compliance requirements with cyber security policies”
SEBI would also be roping in an advisor for cybersecurity and other IT related initiatives who will be responsible for strengthening its regulatory policy framework in this space.
The experts would be responsible for the installing firewalls, encrypting data, developing the cybersecurity infrastructure, and ensuring compliance with the cybersecurity policies. They would also be engaged in conducting penetration testing and mock drills.
From the compliance perspective, SEBI wants the aspirants to be familiar with internal policies on IT deployment, implementation, and standardizing procedures. The advisor would also be instrumental in strategizing IT policies and preparing a five-year roadmap.