The Securities Commission Malaysia (SC) has implemented its revised Guidelines on Technology Risk Management as of 19 August 2024.
These new guidelines replace the previous Guidelines on Management of Cyber Risk and expand the focus from just cybersecurity to a broader range of technology risks.
Initially released in August 2023, the updated guidelines aim to enhance the operational reliability, security, and resilience of capital market entities in the face of technology disruptions.
The SC has outlined key expectations for risk management practices, including change management processes, oversight of third-party service providers, and reporting requirements.
The recent CrowdStrike outage underscores the importance of these guidelines, highlighting the vulnerabilities within digital infrastructure and the potential widespread impact on organisations.
The SC emphasizes that adherence to these guidelines is crucial not only for mitigating immediate risks but also for fostering a secure and resilient technological environment in the capital market.
To support the transition, the SC has updated several related guidelines and published a set of Frequently Asked Questions (FAQs) to offer further clarification to market participants.
Featured image credit: Edited from Freepik