The two record GDPR fines proposed last week prove that companies must take this risk seriously and are a wakeup call for risk managers to test processes and responses, according to Airmic. Julia Graham, the association’s technical director and deputy CEO, also told Commercial Risk Europe that she is not surprised by the size of the intended fines. It was…
The UK government’s Active Cyber Defence (ACD) programme took down more than 140,000 phishing attacks and 190,000 fraudulent websites, most within 24 hours, during its second full year of operation, according to a report from GCHQ’s National Cyber Security Centre (NCSC). The report, Active Cyber Defence – The Second Year, also reveals that intervention in an email scam by criminals…
Lawyers are divided over whether data protection fines under the General Data Protection Regulation (GDPR) are insurable, with Herbert Smith urging caution against the position that all such fines cannot be covered by insurance in the UK. Last week, UK regulator the Information Commissioner’s Office (ICO) proposed GDPR fines against British Airways for £183.4m (€204.8m) and Marriot International for £99m (€110m).…
Updated analysis from DLA Piper confirms that General Data Protection Regulation (GDPR) fines are only insurable in two European countries and are a grey area in several others, with the majority prohibiting such cover. The second edition of the The Price of Data Security: A guide to the insurability of GDPR fines across Europe by DLA Piper and Aon Cyber Solutions…
Ferma and other observers say the two proposed record General Data Protection Regulation (GDPR) fines announced this week, for British Airways (BA) and Marriott International, confirm that regulators are intensifying their action and serve as a warning to companies and their risk managers to expect stricter enforcement of the rules going forward. The experts say risk managers must make sure…
US-headquartered global hotel chain Marriott International faces a £99m (€110m) fine for breaching Europe’s General Data Protection Regulation (GDPR), following a cyberattack on one of its reservation databases. The fine is set to be handed out by UK data regulator the Information Commissioner’s Office (ICO), which, in line with the GDPR, has taken the lead in the case on behalf…
British Airways’ (BA) proposed record £183.4 (€204.8m) General Data Protection Regulation (GDPR) fine shows that regulators are getting tougher on firms that flout the rules, warns Ferma, which is working on a project with the European auditors association to better evaluate the full impact of the new regime on members. Other commentators also said the size of the fine proves…
British Airways (BA) is facing a record £183.4m (€204.8m) fine under the General Data Protection Regulation (GDPR), for “poor security arrangements” that allowed customer data to be harvested by cyberattackers. The fine is set to be imposed by UK regulator the Information Commissioner’s Office (ICO), which has been investigating the case as lead supervisory authority on behalf of other EU…
Zurich is working on a “flexible” approach to clarify clients’ cyber cover within traditional P&C insurance policies, but warns they typically provide uncertain or inadequate coverage. Following a number of large cyber-related claims in the property market, and under growing regulatory pressure, insurers have been assessing their cyber exposures under traditional P&C coverages. For example, FM Global recently issued revised…
A fraud initiative to tackle cyberattacks on UK conveyancing funds set up by Pen Underwriting and law firm Mills & Reeve has recovered more than half of the money at risk among firms using the scheme. Pen Underwriting said £3.7m of a total £6.7m cyber conveyancing fraud been saved from cybercriminals since 2017. The criminals target large sums of money…