CSA publishes summary of cybersecurity roundtable

Read: Regulators focus on cybersecurity

Roundtable participants represented a cross-section of Canadian securities market stakeholders, including marketplaces, clearing agencies, registrants, reporting issuers, regulatory authorities and cybersecurity experts.

“Our discussions highlighted the interconnected nature of the Canadian securities markets ecosystem,” says Louis Morisset, CSA chair and president and CEO of the Autorité des marchés financiers, in a release. “There was a clear agreement on the importance of cooperation and information sharing in responding to a cybersecurity incident and reducing the risk of contagion.”

In the view of roundtable participants, cybersecurity incidents can have far-reaching implications beyond the immediate organizations that are affected, especially if core systems are impacted.

Read: 61% of S&P/TSX firms call cybersecurity a material risk

Participants focused on the importance of robust incident response plans (IRPs) for entities, including entities that may be indirectly affected by a cyber incident.

Participants indicated that IRPs are generally quite detailed and complete in relation to internal procedures in the event of an incident, but should also address coordination and information sharing with other stakeholders, particularly in the context of a market-wide incident.

CSA identified cybersecurity as a priority area in its 2016–2019 business plan, and will continue to collaborate with market participants, other regulators and stakeholders to enhance cybersecurity preparedness and work toward a more formal coordination process beyond the existing processes.

Read the full staff notice here.

Also read: Are financial institutions doing enough to boost cyber security?