Take measures to fix cyber security gaps: IRDAI to insurers

The Insurance Regulatory and Development Authority of India had guidelines on information and cyber security for insurers in April this year.

Published: 13th October 2017 06:14 PM  |   Last Updated: 13th October 2017 06:34 PM   |  A+A-

Image used for representational purpose only


NEW DELHI: Regulator IRDAI has asked insurers to take immediate steps to identify and fix security gaps in information and computer infrastructure with a view to safeguard data and financial system from any vulnerability.

The Insurance Regulatory and Development Authority of India (IRDAI) had guidelines on information and cyber security for insurers in April this year.

It, however, said that from the feedback/ updates received from insurers, "it is observed" that many of them still have not finalised their gap analysis report, cyber crisis management plan and board approved information and cyber security policy.

Insurers have also been asked to firm up their Cyber Crisis Management Plan (CCMP) for handling cyber incidents more effectively.

In a circular addressed to all insurers, the regulator said that ensuring that Information and Computer Technology (ICT) infrastructure of insurers are fully secured is of paramount importance.

"Any vulnerabilities to ICT may result in compromise on confidentiality of policyholder related information and exposure to sensitive information of the insurance sector and the financial markets in general," it said.

This would have serious repercussions not only for the insurance sector but for the financial system of the country as a whole, IRDAI noted.

"Therefore, insurers are advised to take immediate steps for conducting security audit for their ICT infrastructures including Vulnerability Assessment and Penetration Tests (VAPT) through Cert-in Empanelled Auditors, identify the gaps and ensure that audit findings are rectified swiftly," it said.

It further said the recently registered insurers and re-insurers also must ensure that steps are taken for implementation of the guidelines.

Stay up to date on all the latest Business news with The New Indian Express App. Download now


Disclaimer : We respect your thoughts and views! But we need to be judicious while moderating your comments. All the comments will be moderated by the newindianexpress.com editorial. Abstain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks. Try to avoid outside hyperlinks inside the comment. Help us delete comments that do not follow these guidelines.

The views expressed in comments published on newindianexpress.com are those of the comment writers alone. They do not represent the views or opinions of newindianexpress.com or its staff, nor do they represent the views or opinions of The New Indian Express Group, or any entity of, or affiliated with, The New Indian Express Group. newindianexpress.com reserves the right to take any or all comments down at any time.