SIO-9.6.11
An organisation-wide cyber security strategy must be defined and documented to include:
(a) The position and importance of cyber security at the stablecoin issuer;
(b) The primary cyber security threats and challenges facing the stablecoin issuer;
(c) The stablecoin issuer’s approach to cyber security risk management;
(d) The key elements of the cyber security strategy including objectives, principles of operation and implementation approach;
(e) Scope of risk identification and assessment, which must include the dependencies on third party service providers;
(f) Approach to planning response and recovery activities; and
(g) Approach to communication with internal and external stakeholders, including sharing of information on identified threats and other intelligence among industry participants.
Added: July 2025