• About
  • Offices
  • Careers
  • Students
  • Alumni
Background Image
Logo Bennett Jones
  • People
  • Expertise
  • Resources
  • Search
  • Menu
  • Search Mobile
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z All

FEATURED AREAS

Energy
Funds & Finance
Mining
Capital Projects
All Industries
Crisis & Risk Management
Environmental, Social & Governance
Governmental Affairs & Public Policy
All Practices
Insights
Media
Events
Subscribe
COVID-19 Resource Centre
Business Law Talks Podcast
Kickstart
New Energy Economy Series
People
Featured Areas
All Practices
All Industries
About
Offices
Careers
Insights
Events
Search
Search
 
Blog

Global Patterns and Risks in Cybersecurity

September 27, 2018

Written by Ruth E. Promislow

What are the emerging patterns and risks for cybersecurity in Canada, the United States, European Union and Australia? A global panel shared their views and predictions at last week’s 64th Pacific Rim Advisory Council (PRAC) conference in Calgary.

Here are their key insights:

Patterns

  • Businesses need to take steps to understand their supplier’s cybersecurity hygiene—and include contractual terms in their agreements that require the provider to abide by a particular standard, permit the business to audit compliance with that standard, and require notification by the third party of a breach of safeguards. Other contractual terms should also identify which party will bear the costs associated with a cyber attack.
  • Cloud service contracts—which are generally offered on a take-it-or-leave-it basis—typically carve out liability for the cloud provider in connection with a cyber attack. As a result, businesses need to make sure they have other protections in place in connection with a potential attack against the cloud provider, as well as provisions in the cloud contract that permit monitoring of the cloud provider’s performance to the stated security standards.

Risks

  • Managing risk at an organization needs to be driven by business in collaboration with IT. Including IT staff in negotiation of contracts can be important in the context of, for example, cloud service provider agreements.
  • The human element remains the greatest weakness in cybersecurity. Everyone at a business needs to be trained on how serious the threat is and what to look for in their everyday communication. Leaders must align the entire organization to work together.

Looking Ahead

  • Regulatory: The EU’s General Data Protection Regulation (GDPR) came into force in May 2018, and has extraterritorial effect. Other jurisdictions around the world are following step with implementing more aggressive statutory regimes to compel compliance with protection of personal data.
  • Honeypots: This is an increasingly popular detection tool in cybersecurity defence. Honeypots are decoys on a company’s system that are intended to attract hackers. Their security is weaker and when a hacker enters a honeypot, the company can learn about the tactics of the attack—then use this information to deflect future ones.

Bennett Jones hosted the PRAC conference in Calgary, the first time the event was held in Alberta. I moderated the panel on Risky Business: Managing Cybersecurity as a Threat and Practice and panel members were:

  • Robert Beggs, CEO, DigitalDefence, Waterloo
  • Bruce Johnson, Partner, Davis Wright Tremaine, Seattle/Los Angeles
  • Ross Perrett, Partner, Clayton Utz, Brisbane
  • Jaap Stoop, Partner, NautaDutilh, Amsterdam  

Author

  • Ruth E. Promislow Ruth E. Promislow, Partner

Read the New Energy Economy Series

Related Links

  • Insights
  • Media
  • Subscribe

Recent Posts

Blog

The Rise of ESG Bonds in Corporate Financing

March 02, 2021
       

Blog

Another Reminder of the Low Bar for Class Action Certification [...]

March 01, 2021
       

Blog

Are Gun Manufacturers Liable for Mass Shootings?

March 01, 2021
       

Blog

Evidence of Harm Required To Advance Class Action Following Data Breach

February 24, 2021
       

Blog

Site Rehabilitation Program Periods 5 and 6 Further Expand Program Scope

February 22, 2021
       

The firm that businesses trust with their most complex legal matters.

  • Privacy Policy
  • Disclaimer
  • Terms of Use

© Bennett Jones LLP 2021. All rights reserved. Bennett Jones refers collectively to the Canadian legal practice of Bennett Jones LLP and the international legal practices and consulting activities of various entities which are associated with Bennett Jones LLP

Logo Bennett Jones