Cyber Insurance & GDPR Compliance Are Linked

GDPR forces companies to think about their:

  • data collection
  • data storage
  • data use
  • data privacy

GDPR has compliance guidance that states how businesses and organisations must protect and process personal data of their customers.  Failure to do so will incur significant fines.

Non-compliance with GDPR is expensive. Regulators can fine a business as much as 4 percent of its annual revenue.  The danger posed by such hefty non-compliance fines is driving demand for cyber insurance.

If you are holding sensitive information on your customers it’s very important that you have the necessary security breach protections in place.

  • Antivirus software
  • Cyber security training for key employees
  • Company policy on personal devices at work
  • Strong access controls to data

As well as following GDPR compliance guidelines it makes sense to have cyber insurance should things go wrong.  Cyber insurance will cover your business with regards to 1st party damages and 3rd party damages.

1st party damages typically covered:

  • Extortion payments (ransomware)
  • Business interruption costs
  • Recovering lost data
  • Restoring computer systems
  • Costs of notifying any 3rd party stakeholders of breach
  • Reputation management post breach (PR & Marketing)

3rd party damages covered:

  • GDPR fines against you
  • Costs of defending yourself against such breaches

When it comes to cyber security protection, size does not matter.  Companies with 1-49 employees are typically most at risk because they think it will never happen to them and neglect the issue.

We recommend sourcing a local cyber security company to help you and a cyber insurance service provider that understands your needs.




If you plan to buy a product or service for your business in the next 12 months please complete the form below.