CYBER
Cybersecurity specialist
Lycetts
Cyber risk permeates every aspect of businesses today, and it was the increasing ubiquity and severity of hacking cases and the spread of malware that pushed Graham Wedgbury to delve more deeply into this field. Recognising the overwhelming need to bring awareness of cybercrime to the next level, Wedgbury has been rigorously educating himself on all things cyber while building close liaisons with experts in the field. He also does his best to stay several steps ahead in terms of spotting and learning the gaps in coverage and legislation for cybersecurity, which has propelled him to become a leading expert in the industry and a go-to source for the media.
IBUK: How will GDPR affect cyber insurance cover?
Graham Wedgbury: GDPR, now enforced in law as the Data Protection Act 2018, will have an impact on the offerings insurers provide in terms of coverage. Premiums and rating are bound to be affected in time, depending on the levels of fines and penalties imposed by the Information Commissioner’s Office, and as a result of the potential for fines to rise to as much as 4% of turnover for Data Protection Act breaches. But only time will tell the extent of this.
IBUK: Will Brexit impact how clients’ cyber risks are being insured?
GW: Brexit should have little or no impact on this. There will be an overlap between leaving the EU and the enactment of the Data Protection Act 2018 [DPA18], and even if this overlap between the UK’s EU membership and the application of the DPA18 in the UK were to be short-lived – should EU terms be rescinded – any UK business which trades in the EU will have to comply with the DPA18.
GDPR’s many obligations will apply to organisations located anywhere in the world that process EU citizens’ personal data in connection with their offer of goods or services, or carry out ‘monitoring’ activities (defined to pick up many online behavioural marketing activities). Additionally, any UK business that has a group company or staff operating within the EU will have to comply with the DPA18 provisions and also the amendments to the ePrivacy Directive when it is finalised in due course. It follows that any insurance implications that arise from these changes should have no effect on a business’s decision to insure cybersecurity risks.
IBUK: What do you enjoy most about specialising in this sector?
GW: What I enjoy most about specialising in cybersecurity insurance is the opportunity to talk authoritatively to clients, insurers and the media about a prevalent and fastevolving risk that is impacting my clients today and is set to impact them in an even greater way in the future. Being able to provide a benefit to them through relevant advice and the placement of insurance policies is fulfilling.
