cybersecurity  

 

Increasingly, individuals, businesses and government organizations are at risk of having important confidential data and electronic systems accessed or compromised by sophisticated ‘cyber' criminals. These incidents can have profound negative consequences, including financial loss, legal liability, regulatory non-compliance and damage to brand reputations. The phenomenon has moved from what was once largely regarded as nuisance ‘hacking' to serious ‘cracking' for financial gain or other malicious motives.

Awareness of vulnerabilities is growing, but like the iceberg, the real danger is still below the surface of public understanding. In our ‘connected' world, the increased reliance by individuals, businesses and governments on electronic transactions, communications, and data storage, coupled with the increased sophistication and international reach of cyber criminals, has created a new reality. Individuals, and even state-sponsored attackers, have developed a wide range of tools that are insidious, difficult to detect and virtually impossible to trace. As difficult as it may be to avoid and mitigate the damage from a cyber attack, an even greater risk rests in the undetected breach.

Cybersecurity is no longer solely an issue for IT or technical staff. An effective plan to protect the organization against cyber threats requires insight into both the technical threats and the many and varied ways in which those threats can manifest in personal, physical, and financial damage. Understanding and responding effectively to those threats requires a comprehensive understanding of legal and regulatory obligations and risks, all of which are rapidly evolving.

McMillan's Cybersecurity Group helps clients to take the lead by:

  • Drafting security and data protection policies and protocols
  • Drafting and reviewing insurance policies addressing cyber-risk
  • Reviewing agreements with third party suppliers and service providers to analyze cyber risk implications
  • Advising on an organization's compliance with applicable privacy laws and other legislation
  • Educating managers and directors on the risks associated with a data breach and how to address it from a governance perspective
  • Preparing and implementing a notice strategy to respond to data breaches
  • Advising on the content of statements and public responses following an incident
  • Dealing with regulators following an incident
  • Assisting with internal investigations and obtaining court orders for timely disclosure of necessary information from third parties
  • Advising on and defending claims by impacted parties and defending class action litigation 
  • Advising on and pursuing claims against suppliers, service providers and others who have breached contractual or legal obligation
January 2017

Capital Markets Bulletin

December 2016

Cybersecurity Bulletin

November 2016

Cybersecurity Bulletin

Canadian Corporate Counsel, Volume 25, Number 7

Watch a video synopsis of this article here

November 2016
October 2016

Canadian Securities Law News (November 2016, Number 274)
Securities Bulletin and Cybersecurity Bulletin

September 2016

Cybersecurity Bulletin

July 2016

Cybersecurity Bulletin

May 2016

Cybersecurity Bulletin

April 2016
Financial Services Bulletin
April 2016
Cybersecurity Bulletin
Deal Points
March 2016
Privacy and Cybersecurity Bulletin
March 2016
Cybersecurity Bulletin
January 2016
Cybersecurity Bulletin
TerraLex
2015
The Internet: Laws and Regulatory Regimes
(Canadian Chapter)
JURIS Publishing (formerly Yorkhill Law Publishing)
2008 - 2015
December 2015
Insurance Bulletin
December 2015
Insurance Bulletin
October 27, 2015
International Law Office – Insurance Canada Newsletter
October 20, 2015
International Law Office – Insurance Canada Newsletter
October 2015
Privacy Bulletin
Canadian Corporate Counsel, Volume 24, Number 8
August 2015
Corporate LiveWire
July 2015
Privacy Bulletin
July 2015
Privacy Bulletin
July 2015
Privacy Bulletin
July 2015
Privacy Bulletin
July 2015
Privacy Bulletin
July 2015
Social Media and Website as National Communication Platforms in Canada in Light of French Language Requirements
October 2014
Insurance Bulletin
August 2014
Technology Bulletin
December 2013
Employment and Labour Bulletin
Submitted to the Canadian Corporate Counsel Association (CCCA) webinar, December 2013