Corporate boards are facing mounting pressure concerning their oversight of data security and privacy risks. Regulatory guidance, emerging regulatory requirements, fines, and lawsuits combined with technological advances and changing business processes are shaping a new and evolving standard of care with exponentially increasing exposures for today’s directors and their organizations. Boards now find themselves front and center when it comes to dealing with these difficult issues, which dramatically increases their need for effective reporting from management and other subject matter experts.
As cyber and privacy threats continue to evolve and relentlessly plague today’s organizations, the 2017 State of Cybersecurity Report by cybersecurity firm Forcepoint focuses much needed attention on factors that create people-based risks that can compromise even the most advanced and comprehensive cyber defense systems and privacy protocols. These insider risks are exacerbated by today’s mobile and remote workforce, which demands constant access to critical corporate data from a vast array of business and personal devices, and by an increased reliance of third party service providers and business associates.
Record numbers of M&A transactions were announced in 2017, and that number is expectedto increase in 2018. That doesn’t mean, however,that every announced deal is completed, that theprocess is always smooth, or that buyers’expectations were always met. The uncertainty that often abounds in the M&A context,concerning everything from the seller’s corporategovernance to its cyber security posture, can create obstacles that can impede and even derail a transaction.
To facilitate the process of getting to “yes,” moreand more companies are turning to Representations and Warranties (R&W) insurance. R&W insurance can be a key transaction facilitator, which protects a party in the event of post-sale discovery of incorrect representations and warranties in a sales contract.
Originally published on PropertyCasualty360
At long last, the GDPR effective date is just around the corner. As companies continue to work towards compliance, many are realizing that despite their best efforts, the odds of achieving and perpetually remaining in 100% compliance are slim to none.
As with any massive compliance undertaking, mistakes and missteps related to GDPR requirements are inevitable, especially in a world where data volumes, connectivity, mobility, and risks continue to increase. Given this reality, companies should consider transfer of GDPR-associated risks through insurance.
It’s critical to note that finding the most comprehensive coverage for GDPR exposures requires careful analysis of available insurance policy options. That analysis should include a thorough review of the various mandates contained in the GDPR, as well as the company’s practices around protected data, its current insurance policy(ies), and the law governing interpretation of those policies. Importantly, even companies that currently have cyber insurance in place may not have optimal coverage for the wide variety of exposures under the GDPR.
Just days before the General Data Protection Regulation (GDPR) enters into its enforcement stage, IBM has released an interesting report called The End of the Beginning, which documents the results of its survey of 1,500 business executives across various industries in 34 countries concerning the EU’s groundbreaking Regulation. The survey was conducted in February and April 2018 and demonstrates that the GDPR already is having a positive impact in terms of information governance, privacy, and data security practices in many companies. But perhaps most importantly, the survey indicates that a majority of executives view the GDPR as a catalyst for important changes within their organizations, rather than a mere compliance issue, reflecting a maturation in the approach companies are taking to privacy and security issues.