March 17, 2020: The SECP has issued guidelines on cybersecurity framework for the Insurance Sector, providing principles to make the information technology systems of insurance companies and their partners secure and resilient.
Cyber risk presents an evolving challenge for the insurance sector due to growing interconnectedness. Insurance companies gather, store, and maintain substantial volumes of confidential personal and organizational information. Because of these data reservoirs, insurers may become potential targets for cyber criminals.
SECP guidelines provides principle for formulation of a sound cybersecurity framework to anticipate, withstand, detect, prevent and respond to any possible cyber-attacks. The suggested measures include appointment of Chief Information Security Officer and obtaining cyber risk insurance other deployment of other adequate cybersecurity systems.
The Cybersecurity guidelines will aid in improving privacy and confidentiality of the information stored and handled by insurers and will ultimately contribute to enhance the policyholders’ confidence on the insurance sector.
The guidelines are available at SECP’s website.