Aon launches cyber risk tool for E.U. rule change

Shutterstock.com

Aon P.L.C. introduced a risk management product on Monday aimed at helping firms prepare for the European Union’s General Data Protection Regulation, which is due to come into force in May 2018.

The E.U. regulation includes a mandatory breach notification requirement, increased privacy rules – including a “right to be forgotten” – and fines of up to 4% of global annual turnover for companies that don’t comply with the rules.

Aon said its E.U. Data Protect product will include: a readiness assessment tool to identify, prioritize and remediate gaps in  compliance programs; a data breach modeling tool; a policy endorsement that covers  exposures resulting from the regulation; and access to post-event advisory services, including incident response, digital forensics and claims handling capabilities.

The regulation “represents a significant regulatory challenge facing firms that do business in the E.U.,” said Renette Pretorius, cyber practice leader at Aon in London, in a statement.