culture
Inclusion and Diversity
Corporate Social Responsibility
Team BRIT
Environmental, Social & Governance
Insurance
accident and health
casualty
public and products liability
employers liability
environmental liability
contingency
event cancellation
non appearance
film
prize indemnity
cyber
cpr
xdr
bcap industrial
xdr pro tech
first50
cyber claims
delegated authority
commercial property
flood
financial property
homeowners
small commercial general liability
directors & officers
energy
e-trading
financial institutions
fine art and specie
healthcare liability
marine
cargo
hull and marine war
keel
marine and energy liability
political risk trade credit
political violence / terrorism
political violence/london
private client
home
motor
travel
professional liability
small north american liabilty
north american professional liability london
programs
property
north american open market property
international property
uk property
transportation
Reinsurance
casualty treaty
international casualty treaty/london
north america casualty treaty/london
property treaty
property treaty
property treaty bermuda
Claims
Claims Philosophy
Claims Innovation
Cyber Claims
industries
aerospace
aquaculture, equine and livestock
architects and engineers
commercial
construction
consumer goods
education
energy
events & entertainment
farming and agriculture
financial services
healthcare
municipalities
personal lines
professional services
real estate
religious and not-for-profit
retail
technology
transportation
utilities and industrial
careers
Why join Brit?
Why work in Insurance?
our business areas - speaking for ourselves
business area - actuarial
business area - claims
business area - finance
business area - internal audit
business area - operations
business area - risk
news
Brit Group
Brit Global specialty
Brit Global Specialty Bermuda
Brit Re
Brit India
Camargue
Ki
financials and governance
Financials
Governance
executive & board
Risk
History of Brit
Working with FinTechs and InsurTechs
Fair Value Assessments
brokers and coverholders
leadership
innovation
contact
Complaints
Privacy Notice
Modern Slavery
Terms and Conditions
The latest from Brit

Financials

Results for the year ended 31 December 2023

find out more

news

find out more
Breach Counsel Hero

news

A cyber breach is one of the most significant threats to businesses in 2024. The threat of a cyber attack is always present, and the methods used to launch them continually change. In our recent article about the impact of AI on the threat landscape, we discussed that now, even unskilled hackers are capable of inflicting damage on businesses. In recent statistics compiled by the UK government, it was found that 50% of companies have reported experiencing some kind of cyber security breach within the last 12 months.

For many businesses, a cyber attack is a matter of "when" rather than "if." Cyber insurance with us is designed with this inevitability in mind. Our robust protection provides Insureds with access to expertise across multiple cyber-security disciplines. For example, our Cyber team work with Kennedys Law LLP, who act as Breach Counsel and help Insureds to manage incidents.

We spoke to a member of the Kennedy’s cyber team to understand how their role as Breach Counsel is pivotal in coordinating all the services provided by Brit’s policies. Here, you can find out why breach response is always best left to the professionals.

What is the role of Breach Counsel?

Breach Counsel will work closely with clients following a breach. Amongst many other things, Breach Counsel will coordinate the communication and reporting to external parties;

"We are instructed to advise Insureds on the legal and regulatory obligations arising out of a breach. Insurers or brokers will usually instruct us after an Insured has been hit by a cyber attack."

Breach Counsel at Kennedys

Certain regulatory bodies, such as the Information Commissioner's Office (ICO) and relevant international regulators, may need to be notified. It is also the role of Breach Counsel to make a call on whether data subjects (i.e. a specific individual whose data has been compromised) need to be notified of specific cyber breaches. All conversations and correspondence between Breach Counsel and the Insured are subject to legal privilege.

How does the Breach Response process work?

When the Insured has cyber cover in place, they can be confident that there is a carefully designed process in place that will involve all relevant parties and support networks. Breach Counsel can spring into action from the moment that a breach is identified. Typically, Counsel will work to ensure that a strategy can be put in place promptly:

Breach identified

When the Insured discovers that a breach has taken place, they contact the Brit breach hotline, and the breach response process begins.

Triage call

Breach Counsel will set up a triage call to take place as soon as possible. Breach Counsel will aim to schedule this call swiftly (within the hour, if possible). The primary purpose of this call is for Breach Counsel to gain an understanding of the incident and advise on the appropriate next steps. The aim at this stage is to understand how the incident happened, whether it has been contained and whether staff or clients have already been notified, amongst other things. At the end of the call, Breach Counsel will recommend a series of steps that each party should take.

Regulatory reporting

Following the triage call, Breach Counsel will work on drafts for the Insured. If the incident is a reportable one, Counsel can assist with the production of the ICO notification. It's crucial that this is done quickly, as there is a 72-hour deadline in place.

Considering other regulators

Breach Counsel will also consider whether any industry-specific regulators need to be notified. Depending on which industry the Insured operates in, they may be obligated to report the incident to bodies such as the Solicitors Regulation Authority or the Financial Conduct Authority. Breach Counsel will also handle any international reporting obligations and determine whether regulators around the world need to be notified. If so, Breach Counsel from a firm like Kennedys can use a global network to determine if the compromised data is subject to specific international regulatory obligations.

Recommending forensic firm support

If the nature of the breach requires it, Breach Counsel may also recommend that a forensic firm is appointed so that an independent review of the Insured's IT environment can be conducted. This will help to ensure that the breach is contained by looking out for any indication of a broader compromise. Breach Counsel will work hand in hand with the forensic provider to ensure the process runs smoothly.

Internal communication recommendations

If required, Breach Counsel can further assist the Insured by producing draft correspondence for internal or external distribution. Drafts may include a FAQ sheet that the Insured can refer to if they are asked difficult questions, example correspondence to staff or clients, and media statements. Data breaches are a sensitive subject, so Counsel will work to ensure that parties are communicated with carefully and sensitively.

Ongoing support

Breach Counsel will remain on hand to assist the Insured throughout the life cycle of the incident. Breach Counsel will assist with various tasks and will often work alongside Insureds for a period of months to ensure that legal and regulatory obligations have been complied with.

 

This process is only an indicative example. Every breach and client is different, meaning there can be a lot of nuances in the process as a whole.

"The support we provide will depend on the type of incident, but we always do what we can to provide pragmatic advice as swiftly as possible. So much of what we offer revolves around client service and ensuring that Insureds have help available at a stressful time.

The speed of our initial response will depend on the availability of the Insured, and we will do everything possible to ensure a team member is available for the initial triage call at the earliest opportunity. So much of what we offer is about client service and ensuring they have the assistance they need during what can be a stressful time."

Breach Counsel at Kennedys

A key part of Breach Counsel's involvement is helping Insureds to understand what (if any) notification obligations are triggered. Transparency and a willingness to comply are key to ensuring compliance with regulatory guidelines. Incidents should be reported to the ICO within 72 hours after discovering any impact on personal data. The ICO has clear guidance on breach reporting and the expectations of organisations from the regulator.

Collating information in the aftermath of a breach can be complex. However, Breach Counsel are experienced in this field and can help Insureds to meet the tight deadline. Failing to notify the ICO of a breach when required can result in a heavy fine of up to £8.7 million or 2 per cent of your global turnover.

International reporting obligations may also arise. In the event that the personal data of people from overseas is breached, additional notifications may need to be made to international regulators. If you are dealing with an incident where personal data from across the globe has been compromised, it could be overwhelming to navigate this process. Getting it right is crucial, and this is precisely where Breach Counsel's expertise comes in.

 

Who is involved throughout the breach response process, and what is their role?

Various parties, such as Breach Counsel, forensic providers and a PR team may be involved throughout the process;

"Breach Counsel will typically act as the navigator of the incident – we work alongside all of the parties involved to progress things smoothly and ensure compliance with local laws.

Vendor involvement will depend on the incident type. If you consider a large ransomware attack, there will be the Insured who suffers the incident, then the broker and the Insurer (i.e. Brit) from whom we also seek instructions.

A forensic team may be involved. They can review the Insured's IT environment to ensure that the incident has been contained. They may also review the dark web to understand what, if any, data has been leaked.

A PR team may also be instructed to manage the messaging surrounding the incident."

A credit monitoring agency may also be involved, particularly if financial data has been impacted.

Breach Counsel Full Bleed 1

What got you into Breach Counsel, and which skills are important?

Working as part of a breach response team can be demanding, as the work involved is dynamic and fast-paced. The lawyer that we spoke with reflected on their own journey to date and said:

"I completed my training contract at Kennedys before qualifying at the firm last year. The Cyber team was the first team that I joined when I started training, and I immediately knew that it was right for me.

Not only do I enjoy the fast-paced nature of the work, but I also enjoy the fact that you need a blend of technical and legal knowledge.

Most importantly, I like the fact that we are genuinely helping people to manage crises; it's always sad to see the stress that these incidents cause, but I enjoy the fact that I work as part of a team that helps to pick up the pieces and be there for people who really need our help."

They also discussed the soft skills required for the role, showing that it’s not just their technical expertise that is needed.

"Whilst a good understanding of the technical and legal landscape is required, it's also good to be people-focused. We work with Insureds who are experiencing a difficult time, all whilst balancing their day jobs. We offer a helping hand whilst working through the incident, and it's important that Insureds trust us to act in their best interests."

Breach Counsel at Kennedys

What are the big trends on the horizon, and what has surprised you about the threat landscape?

With so many new threats on the rise as technology advances, we asked Counsel what they think are the most significant trends within the cyber security space;

Business Email Compromises (BEC)

These types of attacks are on the rise and typically occur as the result of successful phishing campaigns. If someone accidentally clicks on a malicious link, their email account may become compromised. Data from the UK government noted that 84% of businesses and 83% of charities have experienced a phishing attack in the past 12 months. It's key that people remain vigilant to this specific form of attack.

Ransomware as a Service (RaaS)

RaaS is a type of ransomware business model where cybercriminals write clandestine software, and affiliates pay to launch attacks using said software. Affiliates do not need to have technical skills of their own but rely on the technical skills of the operators. This form of outsourced cybercrime has increased in popularity in recent years.

Counsel goes on to share how the evolving landscape means that expert support is more important than ever:

"When I first joined the Cyber team, I was surprised by how quickly incidents progress and evolve. Often, the incidents we see are very front-loaded, in the sense that a lot of work needs to be done right at the start. The work that we handle at the beginning typically involves reporting to regulators, reporting to staff and clients and considering data subject notifications, amongst other things."

 

Why you should leave Breach Response to the professionals

It should come as no surprise that dealing with any type of cyber incident, whether it’s a business email compromise, ransomware, or otherwise, can be an incredibly stressful experience. Given that these events could happen to any kind of business at any time, it may be worth considering obtaining a policy that provides access to such a support mechanism.

Remember that losing customer data isn’t the only negative impact your client can experience due to a data breach. Failing to adequately deal with a breach could lead to various consequences, including fines imposed by the ICO, reputational damage and data subject claims.

Counsel summarises why support is vital to those who suffer a cyber breach;

"The impact of these incidents can be huge, and the consequences arising out of breaches range from regulator fines to data subject claims. We work to lift some of the pressure off an Insured’s shoulders by navigating the incident for them. We help to ensure that the correct messages are articulated to internal and external parties, and most importantly, we help Insureds to avoid falling foul of applicable laws or regulations.

Our involvement also means that legal privilege is in place, which is key if data subject claims are likely to arise in the future. Most importantly, Breach Counsel are experts in the field – we see hundreds of incidents each year, and cyber-attacks are only becoming more and more prevalent. External vendors can provide Insureds with an independent perspective and prevent Insureds from being seen by regulators as ‘marking their own homework’. This can, in turn, help Insureds avoid penalties for failing to handle the incident in the required way."

Breach Counsel at Kennedys

Get in touch with our Cyber Team

Learn more about Brit and how to ensure you have a support system in place if you are hit by a cyber incident - speak to Brit's Cyber Team today.

Source:

https://www.britinsurance.com/news/ai-in-business

https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2024/cyber-security-breaches-survey-2024

https://kennedyslaw.com/en/

https://ico.org.uk/for-organisations/law-enforcement/guide-to-le-processing/personal-data-breaches/

https://ico.org.uk/for-organisations/report-a-breach/personal-data-breach/personal-data-breaches-a-guide/#whathappensif

https://www.ncsc.gov.uk/blog-post/business-email-compromise-guidance-protect-organisation

https://ico.org.uk/for-the-public/data-protection-and-journalism/taking-your-case-to-court-and-claiming-compensation/

https://www.britinsurance.com/insurance/cyber

Brit enters HNW market with Private Client launch

28-05-2020 |People
Read more

Brit expands newly launched Private Client offering with further hires

14-07-2020 |Private Client
Read more

Brit Private Client ranked first in high net worth report

02-05-2022 |Private Client
Read more

Brit Private Client Home Automation

24-11-2021 |Private Client
Read more

Brit appoints Tara Parchment to build Private Clients proposition

26-07-2018 |Private Client
Read more
London Footer White

A Fairfax Company

©2024 Brit Group Services. All rights reserved.