Karachi: Karachi Stock Exchange (KSE) has said no information security breach exists in the exchange.
In the second half of calendar year 2013, the KSE board hired the services of independent external consultants to provide a strategic review of the IT function and how it was placed with regard to current and future business prospects, according to a statement released on Friday.
As the consultants were working on this project, the management received information in August that there was misappropriation in the purchase of some IT hardware back in 2008 and that some IT personnel had access to KSE’s IT system during that period.
Upon receipt of this information, the board appointed outside forensic specialists to investigate these allegations. The relevant regulators were also informed of these developments.
Based on the findings of the report and recommendations of the consultants, certain vulnerabilities identified in the KSE network related to email servers were immediately rectified.
The management also removed from service several IT staff as they were deemed to have acted inappropriately with respect to not following operational procedures. At the same time, the board requested the main strategic review of the IT department to be completed quickly with a focus on IT infrastructure security and specific recommendations for improvement based on international best practices.
This report is expected to be received by the end of February and its recommendations should be implemented forthwith.
“The SECP itself receives data feeds at the end of the day only since 2011,” the statement said.