The Information Security Standards for the Capital Market (ISSCM) is a
standard in Israel that provides guidelines for organizations in the capital
market to manage and protect against cyber threats. This standard is
intended to help organizations in the capital market to protect sensitive
information and comply with relevant regulations and laws.
The ISSCM includes guidelines and best practices for:
Risk management
Incident management
Business continuity management
Compliance with legal and regulatory requirements
The standard covers a wide range of information security-related topics,
including:
Network security
Cloud security
Mobile device security
Identity and access management
Data protection
Compliance with regulations such as MiFID II, Dodd-Frank Act and
more.
The ISSCM is based on international standards such as ISO/IEC 27001
and is designed to help organizations establish, implement, maintain, and
continually improve their information security management systems
(ISMS). Organizations in the capital market are expected to comply with
the standard and to demonstrate compliance through regular assessments
by a qualified auditor.
The ISSCM standard is mandatory for organizations operating in the
capital market. Compliance with the standard can also help organizations
to protect their reputation, demonstrate their commitment to information
security and provide assurance to their customers and other stakeholders.