Reporting of Cyber-Attack Incidents

In the recent CIRCULAR NO: C512, the Cyprus Securities and Exchange Commission (CySEC) recognises that cyber-attacks are becoming more common and probable in recent years.
 
This is the result of an increased appetite for investments in virtual products, a hike in the number of digitalized processes due to the COVID-19 pandemic, the growing reliance on group IT arrangements for investment firms that are part of a larger organisation, and the geopolitical situation in Ukraine, among others.
 
In this context, CySEC established an official channel to report cyber-attack incidents as a way of collecting information on cybersecurity incidents affecting Regulated Entities. In this way, the regulatory authority will be able to assess potential related targets in the market and take preventative or mitigating measures.
 
In order to satisfy the above requirements of CySEC, it is imperative for firms to establish and maintain a Cyber Resilience framework, one that includes an effective cybersecurity incident response capability. Such capability will provide for adequate technical and organisational measures to prevent cyber-attacks, the right mechanisms and technologies to identify a cyber-attack, and the necessary governance and protocols to successfully respond and recover from a cybersecurity incident.
 
Quadprime, can help you review your cybersecurity incident response readiness and support you to ensure you have the appropriate governance and means in place to identify, contain, and successfully report an incident as per CySEC requirements.

Contact us for more information on how we may assist you.