EU regulations to be followed whatever the outcome, according to experts at Beazley’s Hacked! Conference

Whatever the outcome of the referendum on Thursday, UK companies will have to comply with new EU regulations regarding data breaches, according to leading cyber risk experts at Beazley’s Hacked! Conference, which took place in London this week.

Interest in cyber protection among UK businesses has risen sharply with the recent release of the EU General Data Protection Regulation (GDPR), carrying fines of up to 4% of annual turnover, or €20 million, for the mishandling of data breaches.

If it occurs, Brexit will “not let British businesses off the hook”, said DAC Beachcroft head of the cyber risk and breach response team Hans Allnutt, since British firms doing business in Europe will still be exposed to the new EU regulation and “a tightening of data protection regulation in Britain is inevitable regardless of the referendum outcome”.

Tough regulation has been a major driver of demand for data breach insurance in the United States, said Beazley’s European head of technology, media and business services Paul Bantick. He explained: “Data breach insurance really took off in the US after it became clear that it was not just about financial compensation for loss, but more about mustering the right multi-faceted response to a data breach that will satisfy regulators and reassure customers. We expect to see much the same growth in demand in the UK, Brexit or no Brexit.”