All posts by dswpadmin

Are you ready for GDPR?

GDPR (General Data Protection Regulation) is the biggest change in data protection that there has ever been. Under the new regulations, businesses must change the way they look at and protect the data that they are responsible for. Ultimately, failure to stick to the regulations that have been outlined will mean not only reputational damage but also regulatory fines for major data breaches.

 

GDPR – Understand Your Risks And Responsibilities

GDPR is designed to protect the data and information of EU citizens, and to do this the regulations enforce the way in which businesses process and store data. Under the new regulations, businesses and organisations are to appoint a data protection officer. Their role will be to ensure that data is stored and processed in the most secure way. They will also be given the task of supervising compliance with GDPR.

GDPR – Replacing The Data Protection Act

GDPR is going to replace the existing Data Protection Act, as times have changed and data is now a much more profitable commodity to both businesses and cybercriminals. The biggest change under GDPR will be the time that is allowed for your data controller to notify the local authority of a data breach. Under GDPR a data controller/data protection officer has 72 hours to notify the local authority of the breach. The other major change to note is that under GDPR the maximum fine for an organisation for lack of compliance that has led to a breach will be £20 million or 4% of annual worldwide turnover, whichever is the greater amount.

 

* Data from Breach Level Index.

GDPR – How To Deal With A Data Breach

It is important that a business knows how to deal with a breach and understands the steps needed to eventually get back to the situation it was in prior to the breach. Following these steps makes this possible:

  1. Identify the breach and take steps to end it.
  2. Check your insurance policy and notify your insurer.
  3. Identify the personal data breached – the type of data and number of records.
  4. Determine remediation measures.
  5. Notify the ICO without undue delay and in any event within 72 hours.
  6. Notify affected data subjects if the breach is likely to result in high risk to their rights and freedoms.
  7. Implement remediation measures and monitor.
  8. Review root causes of the breach and take steps to prevent repetition.
  9. Provide further training to staff as required.

 

Advantages of Cyber Insurance

All we seem to see lately are doom and gloom messages about cyber security and high-profile businesses/organisations that have been attacked. But what goes under the radar is the number of small businesses that are affected by this as well. Instead of focusing on the negatives, we feel that it is important that businesses understand the benefits of having cyber insurance.

 

Cyber risk insurance is a form of protection for your business. It is there to ensure that your business survives. Think of it like a fire extinguisher: you hardly notice that you have one until you need it, and then it can be the difference between a near miss and a catastrophe.

 
Cyber risk insurance is more than just financial protection. Many insurers that we deal with want to help you keep your business safe and, as a result, want you to know how best to do that. They can offer support and guidance to create contingency plans as well as guidance on the best defences for your business. Insurers will also provide access to some of the best forensic investigators so that, should you be attacked, they can find out how it happened and you can put it right for next time.

 
We also have an association with a leading cyber risk analyst that can help you to gain access to their system so that you can limit your cyber exposures and protect your business better. Our association with Apomatix allows you easy access to their cyber platform, and their team will be able to point you in the right direction in terms of developing better, more effective cyber security for your business.

 
With cyber risk insurance, you may also be able to protect your digital assets, such as your client database and specialist software that is specific to your business. Your cyber insurance can cover your digital assets against damage, loss, and theft; this means that any costs incurred recovering your digital assets can be covered by your policy.

 
Cyber risk insurance isn’t all doom and gloom. It has its benefits and means that your business can operate safely, in the comfort of knowing that all your files and software are protected and that you have access to some of the best forensic teams if something does go wrong. This, along with the ability it gives you to help protect the business yourself, can only mean that your business has the best opportunity to fend off most of its cyber-attacks.

 

 
