KUALA LUMPUR: The Securities Commission Malaysia’s (SC) revised Guidelines on Technology Risk Management came into effect in August, superseding the Guidelines on Management of Cyber Risk.
In a statement, the SC said the revised guidelines were initially released last year for capital market entities to be familiar with risk management practices, which now expanded beyond cyber security to include technology risks, among others.
“Thus, the revised guidelines emphasised the significance of strengthening operational reliability, security and resilience against technology disruptions, including SC’s expectations for risk management practices to be adopted by industry.
“The key areas covered include ‘change management’ process, third-party service providers, reporting requirements, technology audit, board oversight and accountability over technology risks,” it said.
SC said the CrowdStrike outage highlighted the vulnerability of the country’s digital infrastructure and the widespread impact it can have on organisations, which emphasised the importance of regulations like the guidelines in strengthening operational resilience practices.
The regulator said it is imperative that all capital market entities recognise the importance of observing the guidelines.
“This not only protects against immediate technology risks but also builds a resilient, secure and ethical technological landscape for the future.
“This initiative underscores the SC’s ongoing efforts to strengthen Malaysia’s capital market and investor confidence,” it added.
— BERNAMA
