We asked Joel Durston to give some insight into his role as an associate in our London office as part of our cyber risks team. Joel spoke about the aspects of working in the cyber team that he finds the most interesting, in addition to what he sees for the future of cyber.
For more insight into what a typical day in the life looks like working at Kennedys, visit our life at Kennedys page.
Q&A
Why did you join the cyber risks team?
I’ve had a longstanding interest in cyber and data work. It’s extremely rare to have an opportunity to join a sector that is in its infancy, to grow as a professional, as the sector grows around you.
However, what separates cyber work, and in particular breach response work, from so many other sectors is that it offers a chance to make such a positive difference to Insureds. A data breach can be crippling for an organisation of any size, we meet an Insured at a point where they often find themselves unable to operate, which can be a terrifying experience. From that point we work with them, their insurers, and a range of trusted vendors to get their organisation fully operational. I don’t think there is another sector that can offer the sense of fulfilment we see when the smiles start returning to the faces of our clients.
What challenges do you face working within the cyber team?
Things happen quickly in the cyber risk world. This is not a matter of court deadlines, with which you will have forewarning and may even seek extensions. If a data incident occurs on a morning, we’ve got a team on a call hours, or even minutes later. Notifications to regulators will need to be made within days and teams of expert vendors often need to be assembled at a moment’s notice.
Data incidents can happen at any time, meaning that we have to be ready to jump on calls, sometimes in the evenings or even on weekends. This is not your standard nine to five team, but a mixture of the fantastic personalities in the team and the incredible value of the work we're doing makes it incredibly rewarding.
What is interesting about working in the cyber team at an insurance law firm?
The legal side of cyber work can take many forms, there is the general data guidance aspect, providing advice to organisations on general compliance with UK GDPR, the Data Protection Act or regulatory requirements both in the UK and further afield. Another aspect is responding to data claims, either on an individual or group basis, and while our talented team is very capable in both respects, being part of an insurance law firm enables us to specialise in breach response work.
In the wake of a data incident, it is through insurers that we receive the vast majority of our breach response work. It is through Kennedys’ close ties to the insurance industry that we’re able to build our reputation as a national, and worldwide leaders in the breach response sector.
Where do you see the future of cyber?
The only way is up. The increasing prevalence of the internet is evident in almost everything we do, both in work and at home, and there are more cyber vulnerabilities than ever before. This has led to a rise in the number of ransomware attacks, which will only increase. As security measures get better, so do infiltration techniques.
On an organisational level, cyber has rightfully found its way out to the front and centre of many businesses, and institutions' focus. The right cyber insurance policy, and the right legal team, can be the difference between a business recovering quickly after a ransomware attack, or not recovering at all.
What advice would you give someone interested in specialising in cyber risks?
Go for it. There’s never been a better time to make the leap. You’ll be getting in at the ground floor of something, interesting exciting and rewarding.