Regulatory Alerts2025-08-28
Technical Clarifications to Cybersecurity and Cyber Resilience Framework for SEBI Regulated Entities
The Securities and Exchange Board of India (SEBI) issued this circular to provide technical clarifications and updates to the Cybersecurity and Cyber Resilience Framework for regulated entities. The document establishes principles of exclusivity and equivalence for entities under multiple regulators, refines definitions for critical systems and zero-trust models, and adjusts compliance requirements for mobile security and ISO 27001 certification. Additionally, it revises categorization thresholds for Portfolio Managers and Merchant Bankers and mandates adherence to CERT-In audit guidelines.
Share