The Insurance Regulatory and Development Authority of India (IRDAI) has set up a standing committee on cybersecurity to regularly review threats inherent in existing or emerging technologies.
The committee, established following the release of guidance on information and cybersecurity in April this year, will also recommend appropriate changes to the framework to strengthen the insurance industry’s cybersecurity posture and resilience.
“Furthermore, the committee will also consider the recommendations received from regulated entities on the implementation of IRDAI Information and Cyber Security Guidelines, 2023 to recommend appropriate changes in the current framework,” the regulator said.
The 10-member committee, chaired by PS Jagannatham, includes technical professionals from academia, industry experts and representatives from the insurance brokerage community. External members can also be invited to join the committee if desired.
Cybersecurity norms require insurance companies and intermediaries to adopt a risk-based approach and take necessary measures to protect their systems and data from cyber threats. This includes identifying and assessing risks, implementing appropriate security controls, incident response plans and regular security audits.
