CSA issue cyber security recommendations

27 septembre 2013

Ce billet est disponible en anglais seulement.

The Canadian Securities Administrators yesterday issued a staff notice recommending that issuers, registrants and regulated entities consider the risks of cyber crime and take steps to address cyber security risks. Suggested actions include educating staff of the importance of securing client information, following industry guidance and best practices in regards to security measures and conducting regular third party vulnerability and security tests.

While protecting against cyber crime is relevant for issuers, registrants and regulated entities (such as SROs, marketplaces, clearing agencies and information processors), CSA staff provide their view on specific considerations for each of these categories of market participants. According to the notice, issuers should consider whether such risks, related controls and any cyber crime incidents they may experience are matters that need to be disclosed in a prospectus or continuous disclosure filing. Registrants meanwhile are advised to consider whether their risk management systems allow them to manage such risks in accordance with prudent business practices, while regulated entities are advised to consider what measures are necessary to manage cybercrime risk.

For more information, see CSA Staff Notice 11-326.

MISE EN GARDE : Cette publication a pour but de donner des renseignements généraux sur des questions et des nouveautés d’ordre juridique à la date indiquée. Les renseignements en cause ne sont pas des avis juridiques et ne doivent pas être traités ni invoqués comme tels. Veuillez lire notre mise en garde dans son intégralité au www.stikeman.com/avis-juridique.

Restez au fait grâce à Notre savoir