2017-10-27
Added · Updated
The Securities and Futures Commission issued these guidelines to establish baseline security requirements for licensed entities providing internet trading services. The document mandates specific technical controls, including two-factor authentication, data encryption, and robust infrastructure security measures like network segmentation and patch management. It further requires comprehensive cybersecurity governance, incident reporting procedures, and regular staff training to mitigate hacking risks effectively.