19 November 2017
visit www.avoka.com

Securities Commission Malaysia issues new cyber resilience guidelines

31 October 2016  |  4161 views  |  0 Source: Securities Commission Malaysia

Securities Commission Malaysia (SC) today issued new guidelines to enhance cyber resilience of the capital market by requiring capital market entities to establish and implement effective governance measures to counter cyber risk and protect investors.

The Guidelines on Management of Cyber Risk (Guidelines) clearly stipulate, among others, the roles and responsibilities of the board and senior management in building cyber resilience of a capital market entity. The guidelines have also mandated the entity to identify a responsible person to be accountable for the effective management of cyber risk.

These measures aim to ensure that cyber risk is managed in an optimised manner, in light of the changing landscape in the market.

“Against a backdrop of increased adoption of technology in capital market activities, operations of market intermediaries, market infrastructure and market-based financing platforms, it is imperative to ensure vigilant management of cyber risk. This will minimise disruption to the capital market, protect investors’ confidential data and preserve market confidence,” said Foo Lee Mei, Executive Director and General Counsel, Securities Commission Malaysia.

These Guidelines require regulated entities to have in place a risk management framework to minimise cyber threats, implement adequate measures to identify potential vulnerabilities in their operating environment and ensure timely response and recovery in the event of a cyber-breach. In this regard, regulated entities are required to implement adequate physical and systems security arrangements.

The involvement of the board and senior management is important to ensure that the capital market entity puts adequate focus on cyber risk issues, determines risk tolerance and priorities, and allocates sufficient resources to cyber risk. As such, these Guidelines require the entity to outline the roles and responsibilities of the board, responsible person and key personnel in critical functions with a role in managing cyber risk.

In order to enable SC to engage effectively with capital market entities and to share information on cyber breaches and potential cyber threats, regulated entities are required to report cyber incidents to the SC. This engagement will enhance industry’s awareness on, and preparedness in dealing with, cyber risk. It will also provide a platform for SC to collaborate with market entities and stakeholders to enhance cyber resilience on an ongoing basis.

These Guidelines will be implemented in phases. Entities will be selected for the different phases based on, among others, size, nature of activities and market share.

The Guidelines on Management of Cyber Risk is available here/www.sc.com.my. The Guidelines take effect on 31 October 2016.

Comments: (0)

Comment on this story (membership required)

Related company news

 

Related blogs

Create a blog about this story (membership required)
visit www.aciworldwide.comvisit www.solutions.lexisnexis.comvisit www.ncr.com

Top topics

Most viewed Most shared
Ripple boss predicts central bank adoption of blockchainRipple boss predicts central bank adoption...
13550 views comments | 21 tweets | 21 linkedin
Singapore central bank open sources blockchain prototypesSingapore central bank open sources blockc...
11858 views comments | 15 tweets | 28 linkedin
Digital receipt startup Flux scores game-changing deal with BarclaysDigital receipt startup Flux scores game-c...
9961 views comments | 20 tweets | 36 linkedin
AmEx partners Ripple and Santander for blockchain-enabled cross-border paymentsAmEx partners Ripple and Santander for blo...
9543 views comments | 13 tweets | 39 linkedin
UK cryptocurrency exchange startup launches debit card for spending bitcoinUK cryptocurrency exchange startup launche...
8031 views comments | 26 tweets | 37 linkedin

Featured job

Competitive
London, UK (or flexible)

Find your next job