• About
  • Offices
  • Careers
  • News
  • Students
  • Alumni
  • Payments
Background Image
Bennett Jones Logo 100 Years
  • People
  • Expertise
  • Knowledge
  • Search
  • Menu
  • Search Mobile
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
View all
Practices
Corporate Litigation Regulatory Tax View all
Industries
Capital Projects Energy Funds & Finance Mining View all
Advisory
Crisis & Risk Management Environmental, Social & Governance (ESG) Governmental Affairs & Public Policy
Insights News Events
New Energy Economy Series COVID-19 Resource Centre Business Law Talks Podcast
Subscribe
Bennett Jones Centennial Menu
People
Practices
Industries
Advisory Services
About
Offices
News
Careers
Insights
Law Students
Events
Search
Alumni
Payments
Subscribe

Stay informed on the latest business and legal insights and events.

LinkedIn LinkedIn Twitter Twitter Vimeo Vimeo
 
Blog

Dangerous Assumptions and Serious Consequences in Cybersecurity

June 29, 2017

Written by Ruth E. Promislow and Michael R. Whitt Q.C.

It's not the kind of news a retail giant wants to make. In May 2017, Target agreed to a $18.5-million settlement to resolve a 47-state investigation into a massive 2013 hack. This settlement put Target's total cost of the breach at $202 million. More than 40 million customers had their credit or debit card information compromised after hackers accessed Target's server. Access was gained through credentials stolen from a third-party vendor.

Companies can be more vulnerable than they think when it comes to cybersecurity—and dangerous assumptions can lead to serious consequences. Bennett Jones’ Cybersecurity group hosted panel discussions where firm members joined insurance and security experts to discuss emerging patterns and threats in cybersecurity. Panels were held in Toronto and Calgary. Key takeaways were:

  1. Cyber insurance can be a part of the solution, but there are potential pitfalls. It's a developing market and not everything is covered or well-integrated with other coverage elements. It's also essential to identify the scope of the coverage and tailor it to a company's needs. It's not typically an off-the-shelf product.
  2. Third-party vendors are a critical piece in cybersecurity. Companies must make them a part of their overall strategy, ask the right questions and monitor their performance. Ultimate responsibility cannot be delegated to a third-party, but third party risks can be managed.
  3. Employees who are properly trained and motivated are in some ways the firm’s “intelligent agents,” and one of the strongest lines of defence. The obverse is also true—insiders, whether by accident or purposefully, have proven to be a main cause of serious cyber breaches.
  4. Directors can face exposure. There is the possibility for personal exposure of directors in cybersecurity breaches. Further, in some claims against a breached organization, plaintiffs may not need to prove actual damages to succeed based on the new tort of “intrusion upon seclusion.”
  5. A comprehensive understanding of the organization's information assets and systems, risks and vulnerabilities is needed to protect it. This includes knowing who has access to confidential information—and if everyone who does really needs it.

The events were moderated by Stephen Bowman, managing partner of Bennett Jones’ Toronto office and Martin Kratz, intellectual property and technology partner in Calgary. Bennett Jones commercial litigation partner Ruth Promislow was a panel member in both Toronto and Calgary. Stephen Burns, the firm's head of intellectual property was on the panel in Toronto. Bennett Jones’ Lionel Cochey, director, information security governance, risk management and compliance, was on the Calgary panel along with head of information technology Michael Whitt. They were joined by:

  • Toronto—Robert Beggs, founder and CEO of Digital Defence
  • Toronto—Jacqueline Detablan, vice president, regional professional liability manager, AIG
  • Calgary—David Gray, vice president at Jones Brown, a privately held Canadian insurance brokerage and strategic consultancy

Ruth and Michael lead Bennett Jones’ Cybersecurity group.

These events are part of a series of a Cybersecurity Seminar Series planned for 2017, and Bennett Jones thanks the panelists and attendees for making them such a success.

PDF Download

Authors

  • Ruth E. Promislow Ruth E. Promislow, Partner
  • Michael R. Whitt QC Michael R. Whitt QC, Partner, Patent Agent, Trademark Agent

Bennett Jones Marks 100 Years of Service and Trust

Related Links

  • Insights
  • Media
  • Subscribe

Recent Posts

Blog

Alberta Court Denies Application to Hear Motion to [...]

May 17, 2022
       

Blog

Alberta Court of Queen's Bench Finds Conflict of Interest [...]

May 16, 2022
       

Blog

The UK’s New Economic Crime Legislation–A Sign of Things to Come?

May 16, 2022
       

Blog

Canada's Federal Budget 2022 and Canadian Sanctions Implications

May 12, 2022
       

Blog

Alberta Court of Appeal Releases Reference Opinion [...]

May 11, 2022
       
Bennett Jones Centennial Footer 100 Years
Bennett Jones Centennial Footer 100 Years
About
  • Leadership
  • Diversity
  • Community
  • Innovation
  • Security
  • History
Offices
  • Calgary
  • Edmonton
  • Ottawa
  • Toronto
  • Vancouver
  • New York
Connect
  • Insights
  • News
  • Events
  • Careers
  • Students
  • Alumni
Subscribe

Stay informed on the latest business and legal insights and events.

LinkedIn LinkedIn Twitter Twitter Vimeo Vimeo
© Bennett Jones LLP 2022. All rights reserved.
  • Privacy Policy
  • Disclaimer
  • Terms of Use
Logo Bennett Jones