Insuring against cyber risks

Cybercrime is growing exponentially in the United Kingdom, yet many financial services firms lack insurance cover that addresses these specific risks. Jonathan Drake discusses the regulatory elements of this developing area.

Jonathan Drake is a partner at law firm Bond Dickinson. He specialises in all aspects of non-contentious insurance and reinsurance law and regulation, including conduct risk, delegated underwriting authority and terms of business agreements. Contact him on jonathan.drake@bonddickinson.com.

In the last year awareness of cyber risks has risen dramatically. High-profile data breaches, previously mainly reported as interesting stories from the United States, have hit the United Kingdom with Moonpig and TalkTalk making the headlines among others. There is a raised awareness among consumers and businesses of their rights, responsibilities and the possible remedies in this area. The English courts have also recognised that the loss of privacy involved with an inappropriate use of personal data has a quantifiable value that can be compensated. Damages for individuals have ranged from a few hundred pounds to over one hundred thousand in extreme cases.