The Insurance Regulatory and Development Authority of India (IRDAI) has set up a standing committee on cyber security to regularly review the threats inherent in the existing or emerging technologies.

The committee, set up following the issue of the Information and Cyber Security Guidelines this April, will also suggest appropriate changes to the framework to strengthen the cyber security posture and resilience on the insurance industry.  

“Further, the suggestions received from the Regulated Entities in implementation of IRDAI Information and Cyber Security guidelines, 2023 will also be considered by the committee for suggesting appropriate changes in the current framework,” the regulator said.

The 10-member committee, chaired by PS Jagannatham, includes technology professionals from academics, industry experts and representatives of the insurance broking community. External members can also be invited to the committee, if required.

The cyber security norms mandated insurers and intermediaries to adopt a risk-based approach and take necessary measures to secure their systems and data against cyber threats. This includes identifying and assessing risks, implementation of appropriate security controls, incident response plans, and regular security audits.