SEBI Issues Technical Clarifications to the Cybersecurity and Cyber Resilience Framework

The Securities and Exchange Board of India (SEBI) has released detailed technical clarifications to the Cybersecurity and Cyber Resilience Framework (CSCRF) applicable to SEBI-regulated entities. These clarifications provide guidance on compliance obligations for entities governed by multiple regulators, introduce specific technical standards, and reclassify the applicability of requirements for portfolio managers and merchant bankers. Further, the circular integrates cybersecurity audit policy directions in alignment with CERT-In guidelines. The objective of these clarifications is to strengthen cybersecurity safeguards, standardize compliance practices, and ensure enhanced resilience across all SEBI-regulated entities.