Summary:
The insurers, the regulator said, should also firm up their Cyber Crisis Management Plan for more effective handling of cyber incidents. While calling for immediate steps in this direction, the IRDAI said feedback/updates from insurers, to a circular it had issued in April on cyber security guidelines, reveals that many of them had not finalised their Gap Analysis report, Cyber Crisis Management Plan and Board-approved Information and Cyber Security Policy. The direction applies to recently-registered insurers and re-insurers and those of them who have not appointed Chief Information Security Officer (CISO) must do so immediately. more-inThe Insurance Regulatory and Development Authority of India (IRDAI) has directed the insurance companies to conduct security audit of their information and computer technology (ICT) infrastructure. It advised them to take immediate steps towards security audit of the ICT infrastructure, including Vulnerability Assessment and Penetration Tests (VAPT) through Cert-in empanelled auditors..