IRDAI to make relevant changes & guide insurance cos. on cybersecurity

With cybersecurity issues evolving daily, the Insurance Regulatory and Development Authority of India (IRDAI) will focus on making the relevant changes and guiding the insurance companies as per the evolving requirement, a top insurance watchdog official said at an ASSOCHAM virtual event on Thursday.

“I will say it will be evolving every day and the regulator and the insurance companies together will be focusing on improving the cybersecurity as per the need of the hour. It is not that we have reached a final stage there,” said SN Rajeswari, member, IRDAI at an ASSOCHAM National e-summit on Cyber Insurance - “Reinvigorating the Future for Bridging the Gap.”

The cyber risks are not static. So, cyber insurance is also not going to be static. “There is a need to create awareness and have a cyber insurance ecosystem, cyber literacy, each agency, companies should coordinate with each other and there should be a training session to promote awareness on the risk of remote working, Rajeswari said.

Considering insurance companies manage very huge data of the customers, policyholders and are always running at the risk, IRDAI in its guidance document issued on product structure for cyber insurance has come out with the guidelines and parameters each company should have, she said.

“There has to be an information security policy is in place, how it is being reviewed and also where the data and backup data has to be kept, so, IRDAI is focusing on this and there is also proper guideline and FAQ on the cybersecurity update,” said Rajeswari.

The objective of the guidance document issued by the IRDAI on September 8 is to enable the insurers they can evaluate what are the new technologies that are posing the cyber risk and identify what is the protection gap.

“Of course, there are cyber insurance products available in the market, both for commercial and individual. So now they can identify when IRDAI elaborates what are the possible risks, recommendations they give that can be covered. So, the insurers can identify what are the protection gaps, existing products and they can address according to the needs of the market and even they can develop the standalone cyber insurance product,” she said Ms Rajeswari.

IRDAI Will Guide Insurance Companies On CyberSecurity Issues
The IRDAI member stated that while cyber insurance products are mostly for the commercial purpose as it is a standalone product, but it can also be issued to the individuals.

“We have discussed the individual cyber need policy and what are the coverages as it is already it can take care of the identity theft, social media coverage, emails pooling and exhaustion, media liability cover, data breach, privacy breach and whatnot. So, IRDAI has given the model policy wordings what are the do's and don'ts, and they have also discussed internationally what are the coverages that are available in various other jurisdictions and what is not available in India at present and what is available in limited cover like what we were discussing about that silence cyber cover, whether a D&O policy covers automatically,” she said.

Focusing on the micro, small and medium enterprises (MSMEs) and the lower-income group, she said that there is a need to create awareness and support the ecosystem there. As per the statistics, 43 per cent of all the cyber-attacks are aimed at SMEs because they are highly vulnerable, they have the less sophisticated IT security infrastructure, the awareness is very low the security measures are very low. “There is a need to have an ecosystem model to support the SMEs with a cover specifically for them so that they are also protected,” said Rajeswari.

Comments

Popular posts from this blog

Dr Prabhu Set To Score A 'Perfect 10' As Dean Of KMC, Mangaluru

Rare celestial Mars Occultation Event Visible Only In India on April 17

Durga Facility's Philanthropic Touch Gives A Clean Edge To Mangaluru City Police