We're sorry but your browser is not supported by Marsh.com.au

For the best experience, please upgrade to a supported browser:

X

RESEARCH AND BRIEFINGS

Cybersecurity and the EU General Data Protection Regulation: The Time for Action Is Now

Peter Beshar

Executive Vice President and General Counsel of Marsh & McLennan Companies

In less than a year, tough new rules on data protection will come into effect in the European Union.  For the first time, companies will be required to notify regulatory authorities, and potentially consumers, in the event of a significant cyber breach.  In elevating the rights of consumers, the EU General Data Protection Regulation (GDPR) represents a sea change in how companies will have to operate – and many are not ready.

Oliver Wyman, a Marsh & McLennan Company, predicts that fines and penalties in the first year alone may total £5 billion – or more than $6 billion – for FTSE 100 companies.  Adherence to GDPR will require senior management – and not solely IT departments – to assume greater responsibility for cybersecurity.  This shift means more than drafting a new organizational chart.  It represents a profound transformation in how industries retain, use, and manage data and how leaders understand, mitigate, and respond to cyber intrusions.

Even those companies that do not fall under the new regulation should take proactive measures to protect their businesses against a cyber breach.

Download the attached briefing to learn more.

Marsh Pty Ltd (ABN 86 004 651 512, AFSL 238983) (“Marsh”) arrange this insurance and is not the insurer. The Discretionary Trust Arrangement is issued by the Trustee, JLT Group Services Pty Ltd (ABN 26 004 485 214, AFSL 417964) (“JGS”). JGS is part of the Marsh group of companies. Any advice in relation to the Discretionary Trust Arrangement is provided by Jardine Lloyd Thompson Pty Ltd (ABN 69 009 098 864, AFSL 226 827) which is a related entity of Marsh. The cover provided by the Discretionary Trust Arrangement is subject to the Trustee’s discretion and/or the relevant policy terms, conditions and exclusions.