Over the past twenty years, India’s insurance industry has experienced robust growth, expanding at a Compound Annual Growth Rate (CAGR) of 17%. However, despite this impressive trajectory, the sector has seen a sharp rise in cyber threats in recent years. A 2025 report* revealed that India encountered nearly 370 million malware attacks in 2024, with the banking, financial services, and insurance (BFSI) sector among the most frequently targeted.

In response to the growing demand for proactive cybersecurity practices, the Insurance Regulatory and Development Authority of India (IRDAI) incorporated new provisions into its ‘Information and Cyber Security Guidelines, 2023’ on 24 March 2025. These provisions focus on managing cyber incidents and enhancing crisis preparedness among insurance companies and intermediaries across India.

As per the latest circular, regulated entities (REs) are also required to report any cyber incident to IRDAI in the specified format within six hours of detection or notification.

Non-compliance with reporting obligations can attract regulatory attention and result in penalties, thereby establishing the importance for organisations to maintain a robust and well-defined incident response strategy. 

How can Grant Thornton Bharat help?

At Grant Thornton Bharat, our dedicated team of experts - proficient in risk assessment and other cyber security capabilities - can support your organisation through various stages of incident response strategy until execution. With our globally acceptable methodology and renowned forensic technology applications, we can efficiently process large volumes of data while being cost effective in managing large eDiscovery matters.

We can help you with: 

Our offerings 

Our Digital Forensics and Incident Response (DFIR) capabilities and offerings provide end-to-end support, from proactive readiness and forensic investigation to complete incident response, data recovery, and litigation support. 

Digital Forensics and Incident Response

  • Gather organisation context.

  • Review security documentation.

  • Scenario development.

  • Facilitation and execution of interactive tabletop exercise.

  • Evaluation and feedback.

  • Training and awareness. 
  • Forensic analysis, attribution and recovery.

  • Static and dynamic analysis.

  • Negotiation and payment handling.

  • Security assessment and hardening.

  • Assess data exfiltration.

  • Compliance and reporting. 
  • Incident response readiness & planning.

  • Digital investigations & remediation.

  • Threat intelligence.

  • Data identification & remediation.

  • Regulatory compliance support

  • Communication & notification.

  • Forensic analysis 
  • Data collection and preservation.

  • eDiscovery.

  • Forensic and timeline analysis.

  • Litigation support.

  • Data theft/IP theft investigations.

  • Compliance and regulatory support.

  • Training and awareness.
  • Expert witness testimony.

  • Case strategy development.

  • Document review and analysis.

  • Damage assessment and valuation.

  • Discovery support & forensic analysis.

  • Trial preparation & support.

Digital Forensics and Incident Recovery

  • Business impact analysis.

  • Recovery strategy development.

  • Business continuity and disaster recovery plans.

  • Data backup and recovery.

  • After-action reports.
  • Internal communications (documentations, coordination).

  • External communications (stakeholder updates, public relations).

  • Communication channels (primary –emails, internal messaging systems and secondary –SMS, phone calls).
  • Post incident review.

  • System restoration.

  • Continuous post recovery monitoring.

  • Regular Testing.

  • Feedback loop.

Why Grant Thornton Bharat?

Our DFIR capabilities

  • End-to-end services from technology to manage reviews with rapid development of projects within a few hours of matter approval and 24x7 assistance as required.

  • Committed team of experts from diverse fields including engineers, CA, Data Analysts and professionals certified with GCFA, GNFA, CFE, CCE, EnCE, CEH, RHCE, ACE.

  • High end machines with capabilities to process voluminous data with external storage capacity of over 10 TB.

  • Enriched with end-to-end services including data collection to reporting for Windows, Mac Forensics and mobile forensics.

  • Consulting support to large multinational corporations as well as regulatory bodies on digital forensics and incident response.

  • State of the art lab for performing technology related engagements. 

Our Cyber Incident Response capabilities

  • Dedicated team of Cyber security professionals up to date in emerging incident response and cyber security trends.

  • Expertise in efficiently processing large volume of data allows to be cost effective in managing large eDiscovery matters.

  • Incident response plan audit to prevent legal pitfalls and ensure compliance with laws and regulations.

  • Proficient risk assessment and cyber security capabilities – access control, security policies, network security, encryption and end point security as a part of incident response.

  • Assisting clients with regulatory queries and show cause notices, ensuring effective crisis resolution.

  • Utilising visuals and timelines to illustrate incident response, root cause analysis, and key data insights.

Next steps for insurance companies

Insurance companies must actively manage cyber incidents with speed and full regulatory compliance. They must implement both proactive and reactive strategies to prevent, detect, and respond to cyber threats and vulnerabilities.

To know more, connect with our experts.