The Insurance Regulatory and Development Authority of India (IRDAI) has asked Chief Information Security Officers (CISOs) of all insurers to immediately review their cybersecurity preparedness. In an email sent on May 15, the regulator directed them to assess exposure to emerging frontier AI-driven cyber threats and strengthen defences against advanced AI-enabled attacks.
Insurers have been instructed to evaluate their current posture and preparedness specifically in relation to risks arising from frontier AI systems. They must submit a detailed Action Taken Report (ATR) to IRDAI by May 22, 2026, outlining preventive, detective and responsive security measures being implemented to counter these evolving threats.
The directive comes amid growing industry concern over highly advanced AI models. Discussions around Anthropic’s unreleased internal model “Mythos” have sparked global debate about autonomous cyber capabilities and potential exploit-generation risks, prompting regulators to act proactively.
In parallel, the Indian Computer Emergency Response Team (CERT-In) has issued warnings about critical vulnerabilities in enterprise systems, including SAP products widely used by insurers and banks. CERT-In continues to provide threat advisories and mitigation guidance for critical infrastructure sectors.
This move reflects IRDAI’s focus on building stronger cyber resilience as frontier AI technologies advance. Insurers are now expected to act quickly to identify gaps and implement robust safeguards against sophisticated AI-powered threats.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
