A very real question in our opinion. Look at the GDPR and you will see that not only are the fines devastating but the compensation claimable is borderline insane.
Don’t get me wrong, we are all sick of spam email, stolen identities, misappropriated funds and so on. But spare a thought for the victim of the crime. In this example, a small company. It gets hacked and its data is stolen. For being the victim, it gets fined after having to voluntarily report itself. Then to add a final blow, those whose data is stolen are entitled to compensation even if there is no utilisation of the data or loss.
How businesses will survive after such an onslaught is beyond us. Not only the fines and the compensation but you also have to deal with the costs and reputational damage.
There is not one cloud hoster or software provider that will guarantee 100% security and the ethical hackers we know would laugh if they did.
The result of all of this is that the timing could not be better for the claims management companies. PPI comes to an end in 2019. By then there will be an explosion of new vultures circling. We are going to be hearing “have you had your data stolen, you could be entitled to compensation blah blah blah…” a lot.
As to whether hackers will commit their crimes and then sell the fact of the hack to individual claims management companies (to be first on the list to market claims) is not as far fetched as it sounds…watch this space.