On January 18th, it was learned in the industry that regulatory authorities have recently reported some prominent and common issues discovered during the on-site inspection of network and information security in the securities and futures industry in 2024. It is reported that from September to October 2024, the China Securities Regulatory Commission organized a special inspection of industry networks and information security. According to on-site inspections, some industry organizations have certain risks and hidden dangers in implementing the network security responsibility system, managing networks and important information systems, emergency management, outsourcing management, and software legalization. In addition, several other prominent issues were discovered during the on-site inspection. In terms of outsourcing risk management, the outsourcing risk control mechanism is not sound enough, and some operating institutions have a lack of outsourcing management system and have not formulated prudent outsourcing and subcontracting regulations. Lack of awareness of outsourcing security management, multiple operating institutions have problems with unreasonable grading or authorization of outsourced personnel, and supplier and personnel evaluation is merely a formality. (Zhongzheng Taurus)
Scan code to share