Stockbrokers and depositors are urged by SEBI to report cyberattacks within six hours

On Thursday, the SEBI requested that stock brokers and depositories participants report any cyberattacks, threats, or breaches they may have encountered within six hours of being aware of them.

They must notify the exchanges, depositories, and regulator of such situations within the allotted period.

According to a circular, the event will also be reported to the Indian Computer Emergency Response team (CERT-In) in compliance with the rules CERT-In has periodically established.

The National Critical Information Infrastructure Protection Centre (NCIIPC), which has designated stock brokers and depository participants’ systems as “protected systems,” will also receive reports from these parties.

“All cyber attacks, threats, cyber incidents and breaches experienced by stock brokers/ depositories participants shall be reported to stock exchanges/ depositories and the SEBI within six hours of noticing/ detecting such incidents or being brought to notice about such incidents,” the SEBI said in the circular.

The quarterly reports must be submitted to the exchanges and depositories within 15 days of the end of each quarter. These reports must include information on cyberattacks, threats, cyberincidents, and breaches experienced by stock brokers and depository participants, as well as the steps taken to mitigate the vulnerabilities.

Sebi will receive this information via a special email address.

For stock brokers and depository players, the regulator earlier this month prescribed the framework for cyber security and cyber resilience. SP SHW RAM PTI.