Organizations from all industries and of all sizes face the very real risk of being the target of increasingly common ransomware, business email compromise and other types of sophisticated cyber-attacks. With the increasing prevalence of work-from-home policies and remote access arrangements, those risks have only escalated and further exposed organizational vulnerabilities to data breaches and cybersecurity incidents. As a result, it is imperative that organizations and their senior management teams prioritize cybersecurity as a top-of-mind risk management issue.
How we can help during, before and after a data breach or security incident
Whether your organization is developing cybersecurity policies to deal with potential threats, you are contemplating merger or an acquisition, or you are in the midst of dealing with a data breach or security incident, Miller Thomson’s Cybersecurity team has the hands-on experience to guide you through the complex, interrelated legal, technical and compliance issues involved, while incorporating best practices specific to your industry.
Our lawyers have significant experience in acting as breach coaches and senior counsel in crisis situations, in M&A due diligence, and can assist with issues and transactions that span across Canada, and into the United States, Europe or other global jurisdictions.
We work with clients to develop practical action plans for mitigating and responding to cyber threats, including:
- Acting as breach coach in the event of an incident:
- Providing expertise and leadership to help the organization handle the response and feel confident in their decisions
- Being a central coordinator of internal functions and external service providers
- Engaging and instructing external providers (IT forensics, public relations, notification and credit monitoring agencies)
- Advising on privacy and data breach notification requirements and legal aspects of public notification & communication strategies
- Drafting notifications and required breach reports
- Creating an auditable record of the response and investigation
- Establishing legal privilege and ensuring confidentiality
- Liaison with law enforcement and payment negotiations (in ransomware cases, for instance)
- Advising boards and management teams on governance best practices and legal duties;
- Advising on cybersecurity and privacy issues in M&A and other commercial transactions;
- Reviewing arrangements with suppliers and associated risks (supply chain management);
- Programmatic support, including drafting and reviewing policies and incident response plans;
- Advising on cybersecurity and Directors & Officers insurance coverage;
- Representation in the event of an investigation, enforcement action or litigation.
Canadian expertise with global reach
With representation across Canada, our Cybersecurity Team can serve clients in both official languages. Our multidisciplinary team has provided guidance to clients in a variety of industries, including manufacturing, insurance, healthcare, financial services, retail, communications and transportation. We also have experience with insurers and working as both panel counsel and private client.
Because the very nature of a cybersecurity incident extends beyond borders, we have established long-standing relationships with foreign legal counsel should it become necessary to obtain guidance on foreign law. And as cybersecurity incidents can impact so many areas beyond the initial breach point, our team has also formed strong relationships with professionals in IT forensics, public relations and other areas such as credit monitoring and external notification services to help manage a security breach, if required.
In today’s digital age, it’s entirely possible that your organization will be exposed to a cybersecurity incident at some point. Miller Thomson’s Cybersecurity team can provide the guidance you need to proactively plan for potential incidents and mitigate the damage from cyber-attacks that have penetrated your organization.