UK companies to face increased cyber regulations and fines even with Brexit warn risk experts at Beazley’s Hacked! Conference
New EU regulations on data breaches will impact UK companies whatever the outcome of the referendum on Thursday, according to leading cyber risk experts at specialist insurer Beazley's Hacked! Conference taking place today at the Institute of Directors in London.
Interest in cyber protection among UK businesses has risen sharply with the recent release of the EU General Data Protection Regulation (GDPR), carrying fines of up to 4% of annual turnover, or €20 million, for the mishandling of data breaches. Hans Allnutt, head of the cyber risk and breach response team at international law firm DAC Beachcroft, cited three reasons why Brexit - if it occurs - will "not let British businesses off the hook":
- In the event of a vote to leave the EU, any British firm doing business in Europe will still be exposed to the new EU regulation, including the risk of heavy fines for mishandling data and data breaches. "The new law applies to any company outside the EU that offers goods and services to EU citizens and processes their personal data," Mr Allnutt explained.
- Post-Brexit, it is highly likely that Britain would have to either adopt the new regulation or similar provisions to remain globally competitive. "There will continue to be a restriction on EU companies transferring personal data to non-EU countries unless they can be sure that EU data protection standards will be upheld," Mr Allnutt said.
- Britain's own domestic regulator, the Information Commissioner's Office, or ICO, has historically campaigned for higher data protection standards and increased sanctions for breaches. Mr Allnutt predicted that "a tightening of data protection regulation in Britain is inevitable regardless of the referendum outcome."
Tough regulation has been a major driver of demand for data breach insurance in the United States, Paul Bantick, Beazley's European head of technology, media and business services, told the conference: "Data breach insurance really took off in the US after it became clear that it was not just about financial compensation for loss, but more about mustering the right multi-faceted response to a data breach that will satisfy regulators and reassure customers. We expect to see much the same growth in demand in the UK, Brexit or no Brexit."
Beazley has helped clients handle more than 4,000 data breaches since the launch of Beazley Breach Response, incorporating comprehensive breach response services for small and mid-sized businesses, in 2009. The company is the only insurer with a dedicated in-house team focusing exclusively on helping clients handle data breaches. In April, Beazley partnered with the world's largest reinsurer, Munich Re, to offer custom enterprise wide cyber protection for the world's largest businesses.
Beazley is headlining the conference, featuring cyber experts from CSID, DAC Beachcroft, Worldpay and the National Crime Agency discussing the new EU regulation, developing cyber threats and risk mitigation techniques.
For further information, please contact:
Luther Pendragon - Caroline Wagstaff
+44 (0)20 7618 9158