INSIGHTS

Cybersecurity and the EU General Data Protection Regulation: The Time for Action Is Now
| Share




Peter Beshar



Executive Vice President and General Counsel of Marsh & McLennan Companies



In less than a year, tough new rules on data protection will come into effect in Europe.  For the first time, companies will be required to notify regulatory authorities, and potentially consumers, in the event of a significant cyber breach.  In elevating the rights of consumers, the EU General Data Protection Regulation (GDPR) represents a sea change in how companies will have to operate – and many are not ready.

Oliver Wyman, a Marsh & McLennan Company, predicts that fines and penalties in the first year alone may total £5 billion – or more than $6 billion – for FTSE 100 companies.  Adherence to GDPR will require senior management – and not solely IT departments – to assume greater responsibility for cybersecurity.  This shift means more than drafting a new organizational chart.  It represents a profound transformation in how industries retain, use, and manage data and how leaders understand, mitigate, and respond to cyber intrusions.

Even those companies that do not fall under the new regulations should take proactive measures to protect their businesses against a cyber breach.

Download the attached briefing to learn more.

   

Comments

There are currently no comments, be the first to post one.

Rate this Article
Was this article helpful? Rate it! Five = highest; one = lowest.
Leave a Comment
Only registered users may post comments.


 

More Information
For more information please contact:
asia.information@marsh.com