The Securities and Exchange Board of India (SEBI) has extended the compliance deadline for its Cybersecurity and Cyber Resilience Framework (CSCRF) by two months. Regulated entities now have until August 31, 2025, to align with the updated cyber requirements.
The extension applies to brokers, portfolio managers, mutual funds, and other market participants. While offering temporary relief, the move highlights the urgency of strengthening cyber posture and resilience in the financial sector.
National certification supports compliance and crisis readiness
To support organizations in meeting the evolving requirements, the Future Crime Research Foundation (FCRF), in collaboration with CERT-In, is launching the Certified Cyber Crisis Management Professional (CCMP) course. This four-week online program, starting July 5, is tailored to help entities comply with CSCRF by building real-time response capability and leadership-level readiness.
Also read: SEBI Issues Cybersecurity FAQs to Guide Regulated Firms
The CCMP course is structured around operational and regulatory expectations outlined by SEBI. It trains professionals to lead cyber crisis frameworks, conduct risk assessments, and respond effectively to modern threats, including ransomware and system breaches.
Rising cyber standards demand practical preparedness
SEBI has emphasized that this extension is not a relaxation in expectations, but a call for higher preparedness. Entities must ensure documented and executable cyber response plans, along with proactive threat mitigation strategies.
The CCMP course aligns closely with this vision, having already attracted participation from government bodies, financial institutions, and defense agencies. As SEBI’s framework raises the bar for cybersecurity, structured programs like CCMP offer regulated entities a practical route to compliance and resilience.
