DATA BREACH COST PREDICTED TO SOAR IN THE UK AND EUROPE
London, 3rd February 2012 - A report into cyber risks published by Lockton reveals the cost of a data breach is rising for companies in the UK and Europe, and predicts that the expense will continue to soar when stringent EU-wide mandatory notification proposals become law. The report identifies that the cost per record breached in the UK has risen from £60 in 2008 to £71 in 2010 - and yet stayed virtually static in the USA during the same period - where mandatory notification is law in most states. The report provides an interesting insight into the costs that UK and European companies can expect to pay when notification becomes law, as the average data breach cost in the USA is USD7.2m, whereas in the UK it is currently GBP1.9m.
A surprising fact highlighted by the report is that over half (52%) of data breaches occur because of human error - lost computer devices and rogue employees stealing data, and just 32%are down to cyber criminals and hackers.
Ben Beeson, Partner, Lockton Companies LLP, Global Technology and Privacy Practice comments: "Up until now the primary market for cyber liability insurance has been in the USA, where client notification laws have driven up the cost of a data breach. But with Viviane Reding's announcement last week, businesses in the UK and Europe are starting to wake up to this risk and they are recognising that they will become very exposed financially.
"As the statistics reveal - the risks are both internal and external - which makes it virtually impossible for a company to protect its data from a breach. Instead, companies need to be prepared for a breach, understand the risks and assess how the financial impact can be minimised. This is where insurance can assist, as it not only provides much needed funds to deal with the immediate problems associated with a data breach, but it also gives access to experienced legal, IT and PR specialists who can help get a business back on track as quickly as possible. With technological developments happening daily, companies cannot afford to bury their head in the sand when it comes to cyber crime and data risks. The good news is, as our report reveals, there is a burgeoning insurance market in London keen to write cyber business."
Lockton's 'Cyber risks decoded' report into data risks, privacy regulations and risk mitigation and insurance options, also shows that data privacy is the top emerging risk for the 21st century. Despite this fact, the majority of UK and European businesses do not have sufficient risk mitigation plans in place to protect their business or handle the financial and reputation damage a major data breach would have. The report highlights that although in its infancy in the UK and Europe, the cyber liability insurance market is growing fast, and the new proposed, stringent EU-data privacy laws are predicted to be the 'game changers' in terms of market penetration for cyber liability insurance products.
The report contains interviews with four leading London market underwriters: Iain Ainslie from the Ace Group, Paul Bantick from Beazley, Ben Maidment from Brit Insurance and Malcolm Randles from Kiln Enterprise Risks 510, and Andrew McClelland, from global e-retailing industry association IMRG, and includes commentary from the Lockton global technology and privacy practice.
The Cyber risks decoded report was researched and compiled between November 2011 - January 2012. For the report four leading cyber and data protection underwriters, members of the Lockton specialist technology and privacy practice and a representative from IMRG - the UK's association for global e-retailing were interviewed. In addition, desk research was undertaken with a view to:
- Define the cyber threats to domestic and global businesses
- Quantify the costs of a data breach
- Understand current and future legal requirements
- Outline the insurance solutions available
More than 4,100 professionals at Lockton provide more than 15,000 clients around the world with insurance, benefits, and risk managementservices, offering an uncommon level of client service. From its founding in 1966 in Kansas City, Missouri, Lockton has grown to become the largest privately held insurance broker in the world and 9th largest overall. Independent researcher Greenwich Associates awarded Lockton its 2011 Service Excellence Awardfor risk management for large companies. For three consecutive years, Business Insurance has recognized Lockton as a "Best Place to Work in Insurance."
Charlie Evans, London
020 7407 5441 / 077696 489812
Chris Don, London
020 7933 2634
07717 851 998
 2010 Annual Study - UK cost of a data breach www.symantec.com / www.ponemon.org
& 3 NetDiligence - Study of cyber and data breach insurance claims June 2010 www.netdiligence.com