• About
  • Offices
  • Careers
  • Students
  • Alumni
Background Image
Logo Bennett Jones
  • People
  • Expertise
  • Resources
  • Search
  • Menu
  • Search Mobile
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z All

FEATURED AREAS

Energy
Funds & Finance
Mining
Capital Projects
All Industries
Crisis & Risk Management
Environmental, Social & Governance
Governmental Affairs & Public Policy
All Practices
Insights
Media
Events
Subscribe
COVID-19 Resource Centre
Business Law Talks Podcast
Kickstart
New Energy Economy Series
People
Featured Areas
All Practices
All Industries
About
Offices
Careers
Insights
Events
Search
Search
 

Cybersecurity

  • Download PDF
  • Key Contacts
  • Recent Experience
  • Recent Recognition
  • Insights, News & Events
  • Download PDF
  • Recent Experience
  • Recent Recognition
  • Insights, News & Events

Cybersecurity attacks have become an inevitable business risk for companies, large and small. Companies must now develop, and continually update, plans to protect personal data, design an incident response plan should it be attacked, and address the scope of litigation risks and regulatory obligations upon an incident.

As part of our ongoing cybersecurity efforts to ensure safe and reliable service to our clients, we recently became ISO 27001 certified. The work undertaken to achieve and retain this certification gives us unique insight into clients’ challenges in minimizing exposure and maintaining compliance in this increasingly complex and threatening area.


Clients work with us for our practical approach to addressing cybersecurity:

Strategic Risk Management

  • Cybersecurity preparedness including implementing data protection plans meant to reduce reputational, business continuity and regulatory risk
  • Guidance for boards of directors and senior management on data protection obligations
  • Development of data breach policies, playbooks and scenario plans
  • M&A due diligence involving data protection, privacy and security
  • Review of data protection insurance coverage
  • Health information privacy, including security policies and governance

Thorough and Organized Incident Response

  • Executing efficient response plans, either as managers or supporting team members
  • Data breach investigation, including addressing employee misconduct
  • Liaison with regulatory, law enforcement authorities and Privacy Commissioners
  • Seamless coordination with public/government relations service providers

Vigorous Advocacy and Defence

  • Defending against litigation or class action proceedings relating to data breach or privacy incidents
  • Defending against regulatory proceedings and negotiating with regulatory agencies

Key Contacts

  • Duncan C. Card Duncan C. Card, Partner
  • Ruth E. Promislow Ruth E. Promislow, Partner
  • Michael R. Whitt Q.C. Michael R. Whitt Q.C., Partner, Patent Agent, Trademark Agent
  • Related Lawyers

Recent Experience

Canadian Utilities Limited, an ATCO company, in the sale of its entire Canadian fossil fuel-based electricity generation portfolio for approximately $835 million, which was completed in three stages, through the sale of its interest in the Cory project in Saskatchewan to SaskPower International Inc., a sale of its interest in the Brighton Beach project in Ontario to Ontario Power Generation Inc., and a sale of the balance of the applicable generation assets through a sale of its equity interest in ATCO Power Canada Ltd. to Heartland Generation Ltd., an affiliate of Energy Capital Partners.
A large financial institution, addressing a cyber-attack. We participated as members of the incident response team and worked closely with senior management of the client to identify the risks, review remedial action taken, understand the client's reporting and notification responsibilities, to engage specialized IT, forensic, public relations and other resources and to craft notifications for different classes of individuals potentially affected by the breach and to address and help mitigate potential liability associated with the incident.
Numerous clients and review and drafting of existing policies (IT, Privacy, CASL)
Numerous clients with litigation risks arising from cyberattacks.

Recent Recognition

Who's Who Legal: Data
Bennett Jones lawyers recognized globally for data information technology
Worldwide Financial Advisor Awards Magazine
Recognized as ecommerce law firm of the year - Canada

Insights, News & Events

Speaking Engagements

16th Annual Crown Corporate Governance Conference

January 19, 2021
       

Blog

Understanding the Draft Consumer Privacy Protection Act: A Summary of the Key Changes Proposed

November 26, 2020
       

Articles

Balancing Privacy and Convenience in Electronic Healthcare Law Review

November 2020
       

Speaking Engagements

Ruth Promislow on the Cybersecurity Legal and Compliance Outlook for 2021

September 22, 2020
       

Blog

Lessons in Digital Asset Recovery

June 02, 2020
       

Blog

Competition Bureau Calls for Increased Fines Under Competition Act for Privacy Violations

May 29, 2020
       

Blog

Key Takeaways from Competition Bureau Fine for Privacy Violation

May 21, 2020
       

Announcements

Fifteen Bennett Jones Lawyers in Lexpert's Special Edition on Technology

May 13, 2020
       

Blog

COVID-19 and Contact-Tracing Apps in Canada

May 12, 2020
       

Blog

Changes Result in the Alberta Electronic Transactions Act Applying to Employment and Other Records

April 13, 2020
       

Blog

Privacy Considerations When Using Smartphone Location Data to Limit the Spread of COVID-19

April 13, 2020
       

Blog

COVID-19 and Cybersecurity Scam Alert: Protecting Your Information and Assets

March 19, 2020
       

Blog

New Privacy Guidance for Businesses Operating in British Columbia

March 11, 2020
       

Blog

Expect Increased Privacy Regulatory Enforcement in 2020

March 09, 2020
       

In the News

Ruth Promislow on How Cannabis Companies Can Manage Cyber Risk

February 10, 2020
       

Blog

Review of Artificial Intelligence May Result in Significant Changes to PIPEDA

February 06, 2020
       

Blog

Competition Bureau Intends to Police Privacy Violations—Beware of Potential Fines

January 24, 2020
       

Speaking Engagements

Ruth Promislow Presented on Privacy Concerns and Considerations

November 25, 2019
       

Speaking Engagements

Ruth Promislow on Data Protection and Privacy in Canada Panel

November 13, 2019
       

Speaking Engagements

Ruth Promislow on Cyber Time: Cybersecurity Crash Course for Directors & Executives

October 30, 2019
       

Speaking Engagements

Duncan Card at Cyber Security Roundtable

October 08, 2019
       

Blog

Business Email Compromise: Protect Your Company From This Common Scam

October 07, 2019
       

Blog

Transborder Data Flow Consent Standard is Reaffirmed

September 24, 2019
       

Speaking Engagements

Ruth Promislow at ISMG Cybersecurity Summit

September 24-25, 2019
       

Blog

Meaningful Consent: An Evolving Standard under Canadian Privacy Law

September 20, 2019
       

Speaking Engagements

Ruth Promislow on WG11

September 18-19, 2020
       

In the News

Ruth Promislow on Preparing for Cyberattacks in the Cannabis Industry

September 17, 2019
       

Blog

Limitation Period for Damages Claims under Personal Information Protection Act (Alberta)

August 28, 2019
       

Blog

Why Large Organizations Should Pay Attention to the New Cybersecurity Certification Program

August 23, 2019
       

Blog

New Report from the Ontario Privacy Commissioner: Key Takeaways for Ontario Businesses

July 16, 2019
       

Blog

Record Fine Proposed Under GDPR

July 11, 2019
       

Speaking Engagements

Ruth Promislow as Dialogue Leader on the WG11 Meeting

June 18-21, 2019
       

Speaking Engagements

Ruth Promislow on Cyber Time: Cybersecurity Crash Course for Directors & Executives

June 12, 2019
       

Blog

Organizations Can Expect Increased Canadian Regulation for Privacy Violations

May 31, 2019
       

In the News

Ruth Promislow on Canada’s New Digital Charter

May 30, 2019
       

Speaking Engagements

Ruth Promislow on Cyber Security Forum

May 26-28, 2019
       

Updates

Canada Digital Charter Announced

May 23, 2019
       

Blog

Cyber Crash Course for Directors and Officers

May 16, 2019
       

Speaking Engagements

Ruth Promislow on Payment by Cryptocurrency Panel

May 15, 2019
       

Speaking Engagements

Ruth Promislow on Cybersecurity Crash Course for Directors and Officers

May 14, 2019
       

Blog

Changes to Cross-Border Data Flow Consent Requirements: Is Your Privacy Policy Still Compliant?

April 30, 2019
       

Speaking Engagements

Ruth Promislow at NetDiligence Cyber Risk Summit

April 05, 2019
       

Speaking Engagements

Ruth Promislow at The Sedona Conference, Houston

February 28-March 1, 2019
       

Speaking Engagements

Data Breaches

February 27, 2019
       

Speaking Engagements

Ruth Promislow at The Consulate General of Canada

February 27, 2019
       

Speaking Engagements

Duncan Card Speaks at the Nuclear Decommissioning and Waste Management Summit

February 21, 2019
       

Blog

Technology and Cybersecurity Incident Reporting: New Guidance from OSFI

January 31, 2019
       

Blog

B.C. Privacy Commissioner Issues Guidance Regarding Cannabis Transactions

November 07, 2018
       

Blog

Cyber Breach at the Ontario Cannabis Store Impacts 4,500 Consumers

November 07, 2018
       

Blog

Hacking Elections—New Vulnerabilities

November 01, 2018
       

Updates

Your 10-Step Guide to New Mandatory Breach Reporting Regulations

October 17, 2018
       

In the News

Ruth Promislow on November 1 Breach Notification Regulations

September 28, 2018
       

Blog

Global Patterns and Risks in Cybersecurity

September 27, 2018
       

Speaking Engagements

Duncan Card at Society For Computer Law - 2018 Annual General Meeting

September 27, 2018
       

Blog

What Can Canada Expect with Mandatory Breach Notification?

August 08, 2018
       

Blog

Cybersecurity—Loss Due to Social Engineering Attack Covered Under Insurance Policy

August 03, 2018
       

Blog

CRTC Issues $250,000 in Penalties for Malware Distribution

July 11, 2018
       

Speaking Engagements

Disaster Recovery Information Exchange (DRIE)—Toronto Chapter

June 12, 2018
       

Speaking Engagements

Ruth Promislow at ITAC Cyber Security Forum

June 12, 2018
       

Speaking Engagements

Ruth Promislow on Cybersecurity and the Law

May 29, 2018
       

Speaking Engagements

Sedona Conference WG11 Webinar

April 30, 2018
       

Speaking Engagements

Ruth Promislow at Community Foundation of Canada

April 23, 2018
       

Blog

Are You Ready for Mandatory Breach Reporting and Notification?

April 19, 2018
       

Updates

Mandatory Breach Notification Across Canada

April 04, 2018
       

Blog

Updated Guidance on Cybersecurity Disclosures from the SEC

March 05, 2018
       

In the News

Ruth Promislow: Prepare and Rehearse for Cyber Attacks

February 27, 2018
       

Speaking Engagements

NetDiligence Cyber Risk Summit

February 23, 2018
       

Speaking Engagements

Canadian Summit for Healthcare Cyber Security

February 22, 2018
       

Blog

Cybersecurity Uncertainty for Cryptocurrencies

February 01, 2018
       

Blog

Recent Developments in Online Privacy Protections for Canadians

February 01, 2018
       

Speaking Engagements

Duncan Card at ISACA Bermuda TechTalk series

January 25, 2018
       

Blog

Law Firm Credentials for Sale on the Dark Web: Understanding Your Cybersecurity Vulnerabilities

January 23, 2018
       

Blog

Eurasia Group’s Top Risks 2018: Impacts for Canadian Business

January 05, 2018
       

Blog

Electrical Infrastructure Standards Updated to Meet Cybersecurity Threat

January 04, 2018
       

Blog

BizSkule on Cybersecurity: Six Key Takeaways

December 11, 2017
       

Speaking Engagements

Duncan Card at Bermuda CIOs Meeting

November 28, 2017
       

Guides

Looking Forward: Canadian Class Actions in 2018

November 23, 2017
       

In the News

Ruth Promislow on CTV News on Uber Data Breach

November 23, 2017
       

Blog

Grand Theft Data: Uber Announces Almost 60 Million Accounts Compromised in Data Breach

November 22, 2017
       

Blog

Top 10 Tips for Cybersecurity Employee Training

November 03, 2017
       

Blog

Cybersecurity Risks—Compelling Statistics from the Canadian Securities Administrators

October 25, 2017
       

Speaking Engagements

Cyber Security: Protecting your business in a digital world

October 20, 2017
       

Blog

Cybersecurity—It's Not Only About Building Walls

October 02, 2017
       

Speaking Engagements

Duncan Card at ARMOUR EXPO 2017

September 28, 2017
       

Speaking Engagements

Bennett Jones Breakfast Cyber Event

September 27, 2017
       

In the News

Ruth Promislow on Who to Contact After a Data Breach

September 22, 2017
       

In the News

Duncan Card at Armour Expo 2017 on Grand Cayman

September 21, 2017
       

Speaking Engagements

Board Primer on Cybersecurity

September 21, 2017
       

Speaking Engagements

The Sedona Conference Working Group

September 18-19, 2017
       

Speaking Engagements

Interlex Annual Meeting (Toronto)

September 14, 2017
       

Blog

Cybersecurity: Spear Phishing Covered Under Insurance Policy Where Code Manipulated

July 25, 2017
       

Blog

Healthcare Data: Are You Required to Report a Ransomware Attack?

July 25, 2017
       

Blog

Cybersecurity: When Social Engineering Fraud is Not Covered Under Your Insurance Policy

July 21, 2017
       

Blog

New General Data Protection Regulations in European Union Has Cybersecurity Consequences

July 19, 2017
       

In the News

Ruth Promislow on Working with Law Enforcement After a Data Breach

July 10, 2017
       

Blog

Dangerous Assumptions and Serious Consequences in Cybersecurity

June 29, 2017
       

Speaking Engagements

Cybersecurity Seminar Series - Dangerous Assumptions (Toronto)

June 14, 2017
       

Speaking Engagements

Cybersecurity Seminar Series - Dangerous Assumptions (Calgary)

June 13, 2017
       

In the News

Ruth Promislow in Financier Worldwide: Cyber Security & Risk Management

June 08, 2017
       

Speaking Engagements

2017 Cyber Security Forum

May 28-30, 2017
       

Speaking Engagements

Identifying and Managing the Various Cybersecurity Challenges in an Increasingly Hostile World

2017
       

Blog

Cybersecurity Lessons from the United States: A Guide for Directors and Officers

May 23, 2017
       

In the News

Bennett Jones on Cyberattacks in Cantech Letter

May 22, 2017
       

Blog

WannaCrypt Ransomware Attacks on Out-of-Date Systems

May 15, 2017
       

In the News

Duncan Card in Royal Gazette on Supply Chain Cybersecurity

May 01, 2017
       

Speaking Engagements

Duncan Card at Association of Trade & Forfaiting in the Americas - 20th Annual Conference

April 28, 2017
       

Blog

Five Pitfalls of Cybersecurity Insurance: Lessons from the United States

April 24, 2017
       

In the News

Duncan Card in Bernews on Cyber Risks and Security Panel

April 20, 2017
       

Announcements

Duncan Card on Cybersecurity Risk Management at ATFA Annual Conference

April 18, 2017
       

Updates

Highly Confidential Data—A Cybersecurity Risk for Cannabis Related Businesses

April 12, 2017
       

Speaking Engagements

CyberSecurity and Readiness

April 11, 2017
       

Blog

Canadian Securities Administrators - Update on Cybersecurity

April 10, 2017
       

Blog

Corporate Cybersecurity Can Only Be as Strong as Your Weakest Link

April 06, 2017
       

Blog

Know the Risks of a Cyberattack on Your Third-Party Service Providers

March 14, 2017
       

Blog

Federal Trade Commission Delivers Cross-Device Tracking Report Recommendations

February 23, 2017
       

Blog

Cybersecurity: Regulatory Risks for Canadian Issuers

February 22, 2017
       

Blog

Cybersecurity Obligations of Directors

February 16, 2017
       

Updates

Cybersecurity: 2017 Report & 2016 Reflections

February 2017
       

Speaking Engagements

CyberSecurity for Law Firms

January 12, 2017
       

Blog

Cybersecurity Threats Everywhere–Beware of USB Keys

December 20, 2016
       

Updates

Cybersecurity: United States Federal Trade Commission Strikes Again; Foreshadowing of things to come in Canada?

December 20, 2016
       

Speaking Engagements

2016 Cyber Security Forum

August 31, 2016
       

Updates

Cyber-Security and the Rise of the Vigilante Hacker

May 19, 2016
       

Speaking Engagements

Legal Implications of Panama Papers

May 03, 2016
       

The firm that businesses trust with their most complex legal matters.

  • Privacy Policy
  • Disclaimer
  • Terms of Use

© Bennett Jones LLP 2021. All rights reserved. Bennett Jones refers collectively to the Canadian legal practice of Bennett Jones LLP and the international legal practices and consulting activities of various entities which are associated with Bennett Jones LLP

Logo Bennett Jones