The Insurance Regulatory and Development Authority of India (IRDAI) has directed insurers to submit an action taken report on their artificial intelligence (AI) cyber readiness, setting a compliance deadline of May 22, people in the know told NDTV Profit.
The regulator has asked all insurance companies to immediately review their cybersecurity posture and assess their exposure to advanced AI-driven systems. People in the know added that IRDAI flags growing risks from frontier AI-enabled cyber threats, which are becoming more complex and harder to detect using traditional security frameworks.
Sources told IRDAI has warned that AI-enabled cyberattacks could become significantly more sophisticated, posing heightened risks to sensitive and critical data assets held by insurers. The regulator has also highlighted vulnerabilities arising from legacy IT systems, which may not be adequately equipped to handle emerging cyber risks linked to rapid technological advancements.
Insurers have been instructed to detail their preventive, detection and response mechanisms in the action taken report, outlining how they plan to strengthen cybersecurity resilience against evolving threats. The regulator has further asked companies to evaluate their exposure to advanced AI systems and ensure that appropriate safeguards are in place.
ALSO READ: Cybersecurity Incident At HDFC AMC Contained, Unlikely To Disrupt Operations
The directive underscores IRDAI's focus on strengthening digital risk governance across the insurance sector, particularly as the industry increasingly adopts technology-driven processes and data-intensive operations. With cyber risks evolving alongside AI capabilities, the regulator's move signals tighter scrutiny of insurers' preparedness to handle next-generation cyber threats.
Just last month, Union Finance Minister Nirmala Sitharaman urged the Securities and Exchange Board of India to stay exceptionally vigilant against rapidly evolving AI-driven cyber threats, warning that even a single successful attack could have far-reaching consequences for India's financial markets.
Speaking at SEBI's 38th Foundation Day, Sitharaman said cyber security remains the most pressing emerging challenge for market infrastructure institutions. “A single successful cyber attack on a major exchange, a depository, a clearing corporation or a large broker could disrupt markets on a national scale, erase wealth, and shake public confidence in ways that take years to rebuild,” she said.
She flagged how artificial intelligence is amplifying the scale and sophistication of cyber risks. “AI-led tools are making cyber attacks faster, more adaptive, scalable, and in some cases, more autonomous in execution,” Sitharaman noted, adding that threats now range from automated vulnerability discovery and software supply-chain attacks to coordinated intrusions that evolve in real time to evade detection.
Essential Business Intelligence, Continuous LIVE TV, Sharp Market Insights, Practical Personal Finance Advice and Latest Stories — On NDTV Profit.
