With the dust finally settling around GDPR, many businesses could be forgiven for thinking that they can breath easy once again. With Information Commissioners Office (ICO) promising heavy fines of up to £500,000 if they believe you did not do enough to protect your customer’s data, the stakes have never been higher for businesses – and cybercriminals know that.
According to data collected by AIG Europe, there was a cyber breach for every working day of 2017. This was a considerable rise in attacks when compared to previous years. In fact, the total number exceeded the combined number of breaches from the previous four years.
So why should businesses be concerned?
Ransomware continues to be the most common type of breach, with over a quarter of all reported breaches seeing criminals holding a businesses data for ransom. The malware is easily available and can be purchased online for very little. Whilst experts have made great strides in developing ways to combat the malware, this had lead to the perpetrators dropping any semblance of professionalism, increasing the risk of the data being lost forever, even if the ransom is paid.
With the implementation of GDPR, businesses now face the threat of paying a costly ransom for their data as well as a steep fine for failing to defend the data properly. Experts at AIG are concerned that cybercriminals will use this to demand a higher ransom from businesses.
The new regulations also requires every breach to be reported to them, a rule that is already enforced in the US.
Head of Cyber for EMEA at AIG, Mark Camillo, said: “Companies will be more inclined to report breaches, leading to an increased impact on the volume of cyber claims. This was seen in the US after state breach notification laws came into effect and where nearly every high-profile cyber breach is met with at least one class-action lawsuit.”
Whilst there has been a large increase in the number of high profile cyber attacks over the last few years, (for example the attack on the NHS last year or the Sony Pictures Hack in 2014) the majority of businesses are unsure of how they can protect themselves against the fallout of an attack. Many experts believe the businesses will turn to cyber insurance policies as a means to protect themselves financially against a breach.
A Cyber Insurance policy doesn’t just provide you with financial assistance following an attack, you will also receive advice and guidance from the discovery of the attack, through to recovering the data. If you require a helping hand with safeguarding your business data, get in touch with us to discuss a cyber policy that’s perfect for your business.