GDPR and cyber security: How to get started?
By Cristina Hlinschi, PR & Communication Consultant
General Data Protection Regulation (GDPR) and cyber security: How to get started?
As of the 25th of May 2018, all companies worldwide that store and process data about EU citizens will be required to comply with GDPR.
This is a new mandatory regulation for the protection of individuals in the EU, with regard to the processing or free circulation of their personal data. Or, in simple terms, new rules on how the personal data of each of us in the EU can be processed.
Potential fines for non-compliance can range from 2% to 4% of a company’s annual global revenue, or amount to up to 20 million EUR, whichever is higher.
This means that companies in our markets will have to pay significantly more attention to their responsibility towards the security of clients’ and consumers’ data, as in the future they will be liable to pay significant fines and damages in case of security breaches and non-compliance.
CertAsig launches cyber insurance
In anticipation of our clients’ needs, CertAsig is preparing and launching cyber insurance products.
We were proud to present our first product of this type at the GDPR conference organised by the British Romanian Chamber of Commerce in Bucharest recently. Mihai Bizineche, CertAsig Chief Underwriting Officer, spoke about our cyber insurance product to members of the British business community in Romania.
CertAsig’s cyber insurance product is a complex one, developed with our reinsurance partners and with IT security experts.
Aimed at companies in any industry and of any size, cyber insurance is particularly beneficial to SMEs, which are highly vulnerable to IT security breaches. In fact, international studies have shown that 60% of SMEs can become bankrupt within 6 months of a cyber attack!
Many of the costs and consequences of cyber attacks are not immediately visible to businesses, which have a general tendency to underestimate the severity of the potential risks.
The immediate, well-known costs of cyber incidents are: the lost value of customer relationships, the value of lost contract revenue, operational disruptions, devaluation of the trade name, loss of intellectual property (IP), as well as increases in insurance premiums and an increased cost to raise debt.
But 90% of the costs are below the surface: hidden or less visible costs such as those related to customer breach notifications, post-breach customer protection, regulatory compliance (fines), public relations/crisis communications, attorney fees and litigation, cyber-security improvements or technical investigations.
CertAsig’s cyber insurance covers clients for their own losses (breach costs, cyber business interruption, hacker damage and/or cyber extortion), but also for claims from third parties affected by any cyber security incident. The Insurer pays a pecuniary indemnity and legal expenses in connection with an insured event for privacy protection and media liability.
With cyber insurance, we are moving forward to meet the new challenges faced by our clients, in Romania and all our CEE markets – Bulgaria, Czech Republic and Turkey. As our strong track record of innovation has already proven, we adapt the trends and expertise of mature insurance markets to the everyday realities of our markets, creating effective insurance products which help our clients perform and prosper.