 "Irdai forms panel to review security guidelines to deal with cyber-attacks")
Insurance sector regulator Irdai on Wednesday said it has formed a committee to review its information and security guidelines due to exponential increase in cyber-attacks across the globe in the wake of COVID-19.
The economic situation owing to the pandemic has seen an exponential increase in cyber-attacks across the globe and in particular, the financial sector. This situation has necessitated regulators to re-look into their Cyber Security Guidelines applicable to all regulated entities in an effort to protect the financial systems, Irdai said in an order.
The Insurance Regulatory and Development Authority of India (Irdai) had issued guidelines on cyber security in April 2017 as a part of its governance mechanism.
An Information Security Commission (ISC), board-approved information and cyber security policy, appointment of chief information security officer and cyber crisis management plan are part of its mandate.
The guidelines also mandate that the insurers' risk management committee should be responsible for an annual comprehensive assurance audit including conducting of Vulnerability Assessment & Penetration Test (VA&PT) and should report the findings to the Authority.
"In the light of cyber attacks which the financial sector has been witnessing and in the process of having a structured reporting to analyse the issues to be addressed in a holistic manner at the industry level, it is considered necessary to review IRDAI's Information & Cyber security Guidelines," it said in its order.
The review will encompass to understand if there is a need to extend the guidelines for insurers to other entities which are regulated by Irdai, with or without modification.
It will also see how to apply these guidelines to entities which access insurers' IT systems and how to ascertain minimum security standards are followed by those who access insurers' IT systems but are not regulated by Irdai.
Among others, it will see if the guidelines need to be updated to cover cyber security issues of fintech solutions, mobile-based applications, work from remote location and cloud sourcing, among others.
The 14 member committee is to be headed by Institute for Development and Research in Banking Technology (IDRBT) Chairman Janakiram.
Other members of the committee include professionals from insurance companies, Irdai, Data Security Council of India, IISc, IIT Mumbai and ICAI.
A R Nithiyanantham, CGM-IT, Irdai shall be member convenor of the working group. The Committee shall submit its report in two months, Irdai said.
(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)
You’ve reached your limit of {{free_limit}} free articles this month.
Subscribe now for unlimited access.
Already subscribed? Log in
Subscribe to read the full story →
Smart Quarterly
₹900
3 Months
₹300/Month
Smart Essential
₹2,700
1 Year
₹225/Month
Super Saver
₹3,900
2 Years
₹162/Month
Renews automatically, cancel anytime
Here’s what’s included in our digital subscription plans
Exclusive premium stories online
Over 30 premium stories daily, handpicked by our editors
Complimentary Access to The New York Times
News, Games, Cooking, Audio, Wirecutter & The Athletic
Business Standard Epaper
Digital replica of our daily newspaper — with options to read, save, and share
Curated Newsletters
Insights on markets, finance, politics, tech, and more delivered to your inbox
Market Analysis & Investment Insights
In-depth market analysis & insights with access to The Smart Investor
Archives
Repository of articles and publications dating back to 1997
Ad-free Reading
Uninterrupted reading experience with no advertisements
Seamless Access Across All Devices
Access Business Standard across devices — mobile, tablet, or PC, via web or app