The Information Security Standards for Securities

The Information Security Standards for Securities (ISSS) is a standard in
Israel that provides guidelines for organizations that issue or trade
securities to manage and protect against cyber threats. This standard is
intended to help organizations in the securities market to protect sensitive
information and comply with relevant regulations and laws.
The ISSS includes guidelines and best practices for:
 Risk management
 Incident management
 Business continuity management
 Compliance with legal and regulatory requirements
The standard covers a wide range of information security-related topics,
 Network security
 Cloud security
 Mobile device security
 Identity and access management
 Data protection
 Compliance with regulations such as MiFID II, Dodd-Frank Act and
The ISSS is based on international standards such as ISO/IEC 27001 and
is designed to help organizations establish, implement, maintain, and
continually improve their information security management systems
(ISMS). Organizations in the securities market are expected to comply with
the standard and to demonstrate compliance through regular assessments
by a qualified auditor.
The ISSS standard is mandatory for organizations operating in the
securities market. Compliance with the standard can also help
organizations to protect their reputation, demonstrate their commitment to
information security and provide assurance to their customers and other

Skip to content