• Font Size:
  • S
  • M
  • L

Chapter Content

Title:

Reference Guidelines on the Cybersecurity Protection of Service Enterprises in Securities and Futures Markets  CH

Announced Date: 2024.04.19 (Articles 2, 3, 5, 7, 8, 12, 16 amended,English version coming soon)
Current English version amended on 2022.04.26 
Categories: Information Operations
Article Content Chapter Content Search Article No. Search Legislative History Chinese 
   Chapter 6 Event Detection and Management
Article 18    (Event Detection)
  1. An organization shall develop a security operations center, including gathering event data, performing anomaly analyses, and detecting and determining threats.
  2. An organization shall detect links to phishing websites and malicious websites and remind users against phishing.
Article 19    (Report of and Response to Events)
  1. An organization shall develop an information and communication security event internal report mechanism, consisting of formal report procedures and the contact to whom such event is to be reported.
  2. Should an information service anomaly or information and communication security event affecting client rights and interests or normal operation occur, the Guidelines for Reporting and Responding to Securities and Futures Market Information and Communication Security Events and appropriate response procedures apply, and records shall be kept.
  3. An organization shall immediately report any material personal data security event occurring to it to the competent authority. Such event denotes a situation where personal data are stolen, altered, damaged, lost, or leaked, jeopardizing the organization’s normal operation or the rights and interests of a massive number of parties.