THE Securities and Exchange Commission (SEC) is finalizing a memorandum circular that requires regulated entities to create an information security group.

The SEC requested all concerned entities to comment on the commission鈥檚 鈥済uidance for regulated entities on establishing and maintaining a cybersecurity framework.鈥

In an unnumbered memorandum circular published on the SEC鈥檚 website on Wednesday, the commission said it recognizes 鈥渢hat cyber crime is currently the fastest rising economic crime, in line with the findings under the National Policy for 2017-2020.鈥

The information security group to be created by each regulated entity should be separate and distinct from its existing information technology group, the commission said.

鈥淭he primary focus of the information security team is to ensure the confidentiality, integrity, and availability of information in the process of the regulated entity,鈥 it added.

The team will be headed by a chief information security officer, who will also oversee the entire cybersecurity framework of the regulated entity, SEC said.

Among the responsibilities of the team is drafting guidelines that will 鈥渄ictate certain behavior within the organization pertaining to handling cybersecurity.鈥

The team will develop a 鈥渃omprehensive strategy鈥 to enhance the 鈥渞eadiness, capacity, training, recruitment, and retention of the cybersecurity workforce鈥 of the regulated entity. 鈥 Arjay L. Balinbin

RELATED ARTICLESMORE FROM AUTHOR