Volume 38 (2017)

Volume 38 (2017) / Issue 6

Lazaros G. Grigoriadis, 'Cybersecurity Insurance and New EU Cybersecurity and Data Protection Rules' (2017) 38 Business Law Review, Issue 6, pp. 210–218


In today’s marketplace where businesses are constantly being threatened by data breaches and cyberattacks, it is imperative that a global company obtain cybersecurity insurance. This article highlights the importance of cybersecurity insurance in light of the forthcoming security obligations imposed by the General Data Protection Regulation (GDPR) and the Network and Information Security Directive (NIS Directive). In particular, it mentions some cases showing that even wellknown multi-billion dollar companies are vulnerable to cyberattacks and data breach incidents. Also, it describes the types of damage that may be caused by such cyber events and the reasons why many companies have not yet considered cybersecurity insurance to be part of their overall strategy to mitigate cyber risk. Further, it examines the new cybersecurity and data protection requirements established by the GDPR and the NIS Directive. Finally, it evaluates the role that insurance can play as an effective risk mitigation tool, taking into consideration some recent US courts’ judgments in cyber insurance cases.

Copyright © 2017 Kluwer Law International
All rights reserved

ISSN: 0143-6295
ID: BULA2017032