You are here: Home » PTI Stories » National » News
Business Standard

Take measures to fix cyber security gaps: Irdai to insurers

Press Trust of India  |  New Delhi 

Regulator Irdai has asked insurers to take immediate steps to identify and fix security gaps in information and computer infrastructure with a view to safeguard data and financial system from any vulnerability.

The Regulatory and Development Authority of (Irdai) had guidelines on information and cyber security for insurers in April this year.


It, however, said that from the feedback/ updates received from insurers, "it is observed" that many of them still have not finalised their gap analysis report, cyber crisis management plan and board approved information and cyber security policy.

Insurers have also been asked to firm up their Cyber Crisis Management Plan (CCMP) for handling cyber incidents more effectively.

In a circular addressed to all insurers, the regulator said that ensuring that Information and Computer Technology (ICT) infrastructure of insurers are fully secured is of paramount importance.

"Any vulnerabilities to ICT may result in compromise on confidentiality of policyholder related information and exposure to sensitive information of the sector and the financial markets in general," it said.

This would have serious repercussions not only for the sector but for the financial system of the country as a whole, Irdai noted.

"Therefore, insurers are advised to take immediate steps for conducting security audit for their ICT infrastructures including Vulnerability Assessment and Penetration Tests (VAPT) through Cert-in Empanelled Auditors, identify the gaps and ensure that audit findings are rectified swiftly," it said.

It further said the recently registered insurers and re-insurers also must ensure that steps are taken for implementation of the guidelines.

(This story has not been edited by Business Standard staff and is auto-generated from a syndicated feed.)

First Published: Fri, October 13 2017. 18:22 IST
RECOMMENDED FOR YOU