With emerging technologies and the rise in online attacks, the cost of cyber incidents shows little sign of slowing down.
Combining an understanding of technology risk and over forty years in the insurance sector means an expertise you can trust.
There are few businesses that do not create or use electronic data or depend on functioning IT systems. The majority of businesses have an online presence and many businesses now use social media and publish their own content. With incidents arising from 'hacking', denial of service attacks and physical IT intrusions, organisations are rightly concerned about how to manage cyber risks. Threats from within organisations are as problematic as external ones. Cyber incidents can generate significant cost to resolve as well as liability to third parties. As a result insurers are faced with a challenge to provide cover against these ever-changing risks.
We have drawn experts from across the firm to build a dedicated team, specialising in this type of work. We combine the best of technology and insurance legal practices, along with expertise in data protection, confidentiality, defamation and intellectual property rights as well as traditional liability issues.
We listen to our clients, taking time to understand your objectives and approach. Whether you are an organisation facing the threat of cyber-crime or an insurer seeking to respond to market demands or claims, our team of experts is committed to providing a client experience no one else can beat. Our advice is always clear, prompt and practical – designed to move swiftly to resolve whatever problem you’re facing, saving you time and money in the process.
Get in touch
T:+44 (0)238 020 8128
What we do
We have particular experience in the following areas:
- Data Protection – advising on information security incidents and managing investigations by regulators
- Information litigation
- Intellectual property
- Public relations advice and IT support
- Technology contracts.
Examples of work
A few examples of recent cases we have been involved in include advising and acting on behalf of:
- A national retailer which was the victim of a cyber-attack by a rogue employee. Customer details were stolen from our client's IT systems and the employee contacted customers defaming the employer and other members of staff. We assisted our client in assessing the quality of its data control systems to be sure the data loss was not the result of a remote hack. We advised on the level of access afforded to employees to ensure it was appropriate under the Data Protection Act. We prepared a report to the ICO as a result of which further investigations by the ICO were dropped.
- An Insured fulfilment company which was contracted to produce and distribute communications on behalf of a building society. The Insured erroneously despatched several hundred communications to the wrong addresses. This meant personal information was received by the wrong recipients in breach of the Data Protection Act. We advised the Insured on managing its liability to the building society which resulted in a successful settlement.
- A leading online review site on managing its exposure to defamation claims. The client's site primarily comprised user generated content by both the public and paying subscribers. We advised the client on appropriate "notice and taken down" procedures to maximise potential defences to any defamation claim. We also advised on web site terms and conditions to place appropriate limits on user generated content. As a result when subsequently a defamation claim was brought it was defeated without the need for court proceedings.
- A national retailer after tens of thousands of customers' account information became corrupted during an IT upgrade by a negligent IT contractor. Data security was compromised and personal information was exposed on the internet. We advised our client on notifying its customers and how to put in place measures to avoid future reoccurrences. We also advised on recovering costs from the negligent contractor.
- Large public sector organisations in relation to serious protection data breaches. The security of data records was compromised. We advised the client on the possible level of harm to the data subjects and the client's obligations under the Data Protection Act. We assisted with the investigation of the security breach and preparation of the client's report to the ICO. As a result no further action was taken by the ICO.