+44 020 7767 3070 info@lorega.com
Global Risks Report from World Economic Forum says cyber defences are being tested

Global Risks Report from World Economic Forum says cyber defences are being tested

Global Risks Report from World Economic Forum says cyber defences are being tested

Global Risks Report from World Economic Forum says cyber defences are being tested

World Economic Forum logoThe World Economic Forum (WEF) published their 2018 Global Risks Report last week, which showed that concern for cybersecurity risks has jumped this year, despite respondents in previous years showing optimism towards technological risks.

Both cyber attacks and data fraud appear in the top five global risks by perceived likelihood, most likely because of the increasing prevalence and disruptive potential for cyber attacks. The report stated that cyber breaches reported by businesses have almost doubled in five years, from 68 per business in 2012 to 130 per business in 2017, and incidents that would once have been considered extraordinary are becoming more and more commonplace.

There are multiple factors at play which are contributing towards the increasing cyber risks, including, but certainly not limited to;  the resurgence of ‘dark net’ markets, increasing use and reliance on cloud services, and the persistence of cyber criminals to create and execute large scale cyber attacks. For example, the report states that in 2016 alone there were 357 million new malware variants released, and that in 2017 the average DDoS (Distributed Denial of Service) target was” likely to be hit 32 times over a three-month period”.

Not only are companies at risk of major disruption due to cybersecurity risks, but can be exposed to rising financial . WEF estimate that cybercrime will cost businesses US$8 trillion over the next five years, and the annual cost of responding to cyberattacks is said to be £11.7 million per company according to the Accenture 2017 ‘Cost of Cyber Crime’ study. According to the Global Risk Report, ransomware was one of the most costly forms of cyber crime in 2017, which locks targets out of their data and demands a ransom in return for restoring access.

Increase in Ransomware attacks.

“Ransomware attacks accounted for 64% of all malicious emails sent between July and September last year, affecting double the number of businesses compared with 2016” stated the report. Perhaps the most high-profile of ransomware experienced in the UK last year was the “WannaCry attack”, which hit the headlines after affected 300,000 computers across 150 countries. One of the more notable WannaCry victims of the attack was the NHS, with 81 out of the 236 trusts across England affected, alongside a further 603 primary care and other NHS organisations, according to the National Auditing office.

What is alarming, apart from the financial cost of the WannaCry attack, that it “illustrated a growing trend of using cyberattacks to target critical infrastructure and strategic industrial sectors, raising fears that, in a worst case scenario, attackers could trigger a breakdown in the systems that keep societies functioning.” The report goes on to state that many such attacks are thought to be state sponsored.

In Summary – heightened vulnerability to attacks

The Global Risks Report believes that risks are increasing – not necessarily because of increasing successful attacks on critical and strategic systems – but due to the” combination of isolated successes with a growing list of attempted attack”; an increasing worldwide interconnectedness and pace means our vulnerability to attacks is heightened.

To find out more, a copy of the full report can be found here.

Customer feedback

“From the start, Lorega offered me total reassurance"

"Thank you, you were a great help and made sure I claimed for everything I was entitled to. Could not have done it without you”

“Your support and input was excellent”

UK Broker Awards 2016

UK Broker Awards

‘Claims Service Award’

Lorega is proud to sponsor the ‘Claims Service Award’ at the UK Broker Awards today in London.  The point at which a customer has a claim is the ‘point of truth’ for any insurance policy.  Helping the customer to achieve a settlement in accordance with their insurance policy in an efficient way is paramount.

At Lorega we believe in helping customers when they need it.  With Loss Recovery Insurance, a customer will have the service of one of our dedicated Chartered Loss Adjusters, to help them through the process. Peace of mind for anyone involved in making a claim.


We wish all of the nominees the best of luck.

To find out more about our Expert Help products

UK Broker Awards

GDPR, data protection and your business

Cyber Recovery

GDPR – Changes are coming

‘Data Protection’ is a term that can strike fear into the heart of any business, let alone the millions of small business owners across the UK.  The recent example of an unauthorised log on the SAGE database is a good example.

The Data Protection Act (DPA) is an area of legislation which has been with us in its current form since 1998, the same year Google was incorporated, a time before Facebook, Twitter, YouTube or any number of websites and apps holding personal data were born. It came about at a time when ‘data’ stored in large data centres and was controlled by data owners.  But we’ve come a long way since 1998 and the way we use technology to create and share data has changed dramatically too.

There hadn’t been any significant changes to the DPA until 2012, when the European Commission published its draft ‘General Data Protection Regulation’ (GDPR). It has taken four years of debate and discussion to finalise and publish the regulation, which businesses must begin to work through and implement by 25th May 2018.

Despite the UK voting to leave the European Union in June, Brexit won’t affect the UK from complying with the EU regulations, for two very simple reasons. Firstly, businesses who have European customers, suppliers or subjects will need to comply with the regulations and secondly, because the changes have been largely introduced in conjunction with the UK’s Information Commissioners Office (ICO) who have already stated that they will still expect companies to comply with the GDPR.

What you need to know?

The GDPR applies to any business which owns personal data; known as the controller. Personal data, or ‘Personal Identifiable Information’ (PII) is defined as “information relating to a person who can be identified, directly or indirectly” which can include: name, identification number, address, or other online identities. The data doesn’t have to belong to your customers – it can also apply to your employees too.

It also applies to any business that holds data on the request of another party, known as the processor. The GDPR will therefore be applicable to you, if you provide data storage or if you are a law firm or insurance broker and if you are currently governed by the DPA.

What’s changing?

Currently, under the DPA, small businesses are required to keep personal data secure and up to date, should only hold the data for as long as it is needed and for a specific purpose. Under the GDPR, the rights of the ‘Data Subject’ (the individual whose personal data you hold) have been strengthened and include a number of rights, including the need for you to gain consent from them in order for you to process their data. Their rights also include the right of the individual to be ‘forgotten’, meaning they can request that you remove all data you hold about them.

Notifications, fines and damage to reputation

If you are unlucky enough to experience a data breach, you are required to notify the ICO “without undue delay and, where feasible, not later than 72 hours after having become aware of it” (EU2016/679 (85)).  Dependent upon the nature of the breach, you may also have to notify the data subjects that a breach has occurred.

The ICO have made it clear that they are going to impose punitive fines and sanctions on organisations that are in clear violation of these rules and the fines are not insignificant. For example, late notification to the ICO (more than 72hrs) could mean a fine for your business of 2% of your annual worldwide turnover and, for more serious infractions; this could be increased to 4% of your annual worldwide turnover. The ICO also has the ability to levy fines of up to £20m, depending on the size, scale and nature of the breach.

Whilst the principal aim of the GDPR doesn’t set out to tarnish reputations, it is important to note that the ICO publishes names of organisations that have received any form of undertaking, sanctions or fines on its own website, for all to see.  This means there is a very real risk to your reputation, even if the sanctions are not substantial in monetary terms.

Lawful and fair processing

It has always been important to be clear about what you’re collecting data for and should be understood before such data is obtained. The GDPR, however, also requires that it must be made clear to the data subject how long you will be storing their information and what their rights are, for example, the ‘right to be forgotten’. Businesses need to ensure they are conducting lawful and ‘fair processing’ of information.  Every business that is affected by this should therefore consider carefully whether they communicate this in a clear and readily accessible manner.

Cyber attacks

The possibility of a cyber attack that can result in a data breach is very real, with our recent research showing that 75% of small businesses have experienced a cyber threat.  A number that is expected to continue increasing as cyber criminals target more and more small businesses owners.

Ensuring you are compliant with the updated GDPR will help to protect your business to a certain level but by taking out Lorega’s ‘Cyber Recovery Insurance’, will also give you access to a ‘Cyber Expert’ to guide you through the process, liaise with regulators and communicate with your customers should anything go wrong.

Lorega can help you to survive a loss of personal information, following a data breach or cyber attack.

Bluefin extends long-term partnership with Lorega

Renewal of ‘Loss Recovery’ Partnership

Bluefin, one of the UK’s leading insurance brokers has extended its Loss Recovery Insurance partnership with Lorega Limited, the UK MGA and assistance specialist, across its middle market commercial business.

The new three year deal will see Lorega continue to provide loss recovery insurance cover under the brand ‘Bluefin Assist’ and continue to support commercial clients, ranging from SMEs to large corporates, in the event of a complex or major loss.

For claims in excess of £5,000, policyholders will have access to unlimited advice from one of Lorega’s expert Chartered Loss Adjusters, to help in the preparation, negotiation and settlement of material damage or business interruption claims.

Lorega and Bluefin have partnered on the provision of Loss Recovery Insurance, for over a decade.

Bluefin logo


“The strengthening of our partnership with Bluefin, reflects their clear understanding of the role and benefits ‘Loss Recovery’ offers their clients. We look forward to continuing to build on our partnership, with the opportunity to develop new product and service areas in the future”.
Neill Johnstone Managing Director Lorega.

BIBA 2016

Lorega Stand C58 BIBA 2016

The Lorega team will be at #BIBA2016 this year in Manchester and look forward to welcoming you to stand C58.

As the largest Insurance event in Europe takes place next week, on the 11-12 May, it will be an opportunity for Lorega to catch up with our partners across the UK Insurance market.

In addition to our Loss Recovery Insurance products, we will also be able to tell you about the launch of our new Cyber Recovery Product. which is specifically designed for SME clients.

As last year, you can contact us on the day at the stand or by using the hashtag #LoregaBIBA16 through the usual social media channels.

If you would like to find out more about our products and services then we look forward to seeing you there.

BIBA 2016 logo







“I am looking forward to meeting our broker partners at this year’s #BIBA2016 conference and to discussing the launch of our new Cyber Recovery Insurance Product”.
Neill Johnstone Managing Director Lorega.