• About
  • Offices
  • Careers
  • Students
  • Alumni
Background Image
Bennett Jones Logo Bennett Jones
  • People
  • Expertise
  • Resources
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z All

FEATURED AREAS

Energy
Funds & Finance
Mining
Capital Projects
Governmental Affairs & Public Policy
All Industries
All Practices
Global Reach
Insights
Events
Media
Recent Work
Subscribe
Anti-Spam Learning Centre
Kickstart
Client Extranet Login
People
Featured Areas
All Practices
All Industries
About
Offices
Insights
Events
Search
Search
 

Blog

Dangerous Assumptions and Serious Consequences in Cybersecurity

June 29, 2017

 
Subscribe
Print
Share
Share
Twitter
LinkedIn
Email

Written by Ruth E. Promislow and Michael R. Whitt Q.C.

It's not the kind of news a retail giant wants to make. In May 2017, Target agreed to a $18.5-million settlement to resolve a 47-state investigation into a massive 2013 hack. This settlement put Target's total cost of the breach at $202 million. More than 40 million customers had their credit or debit card information compromised after hackers accessed Target's server. Access was gained through credentials stolen from a third-party vendor.

Companies can be more vulnerable than they think when it comes to cybersecurity—and dangerous assumptions can lead to serious consequences. Bennett Jones’ Cybersecurity group hosted panel discussions where firm members joined insurance and security experts to discuss emerging patterns and threats in cybersecurity. Panels were held in Toronto and Calgary. Key takeaways were:

  1. Cyber insurance can be a part of the solution, but there are potential pitfalls. It's a developing market and not everything is covered or well-integrated with other coverage elements. It's also essential to identify the scope of the coverage and tailor it to a company's needs. It's not typically an off-the-shelf product.
  2. Third-party vendors are a critical piece in cybersecurity. Companies must make them a part of their overall strategy, ask the right questions and monitor their performance. Ultimate responsibility cannot be delegated to a third-party, but third party risks can be managed.
  3. Employees who are properly trained and motivated are in some ways the firm’s “intelligent agents,” and one of the strongest lines of defence. The obverse is also true—insiders, whether by accident or purposefully, have proven to be a main cause of serious cyber breaches.
  4. Directors can face exposure. There is the possibility for personal exposure of directors in cybersecurity breaches. Further, in some claims against a breached organization, plaintiffs may not need to prove actual damages to succeed based on the new tort of “intrusion upon seclusion.”
  5. A comprehensive understanding of the organization's information assets and systems, risks and vulnerabilities is needed to protect it. This includes knowing who has access to confidential information—and if everyone who does really needs it.

The events were moderated by Stephen Bowman, managing partner of Bennett Jones’ Toronto office and Martin Kratz, intellectual property and technology partner in Calgary. Bennett Jones commercial litigation partner Ruth Promislow was a panel member in both Toronto and Calgary. Stephen Burns, the firm's head of intellectual property was on the panel in Toronto. Bennett Jones’ Lionel Cochey, director, information security governance, risk management and compliance, was on the Calgary panel along with head of information technology Michael Whitt. They were joined by:

  • Toronto—Robert Beggs, founder and CEO of Digital Defence
  • Toronto—Jacqueline Detablan, vice president, regional professional liability manager, AIG
  • Calgary—David Gray, vice president at Jones Brown, a privately held Canadian insurance brokerage and strategic consultancy

Ruth and Michael lead Bennett Jones’ Cybersecurity group.

These events are part of a series of a Cybersecurity Seminar Series planned for 2017, and Bennett Jones thanks the panelists and attendees for making them such a success.

Subscribe
Share
Share      
 
Twitter
LinkedIn
Email
 

Authors

  • Ruth E. Promislow Ruth E. Promislow, Partner
  • Michael R. Whitt Q.C. Michael R. Whitt Q.C., Partner, Patent Agent, Trademark Agent

Looking Forward: Class Actions in 2019

Download now

Related Links

  • Insights
  • Media
  • Subscribe

Recent Posts

Blog

Freehold Mineral Owners in Saskatchewan May Face Changes [...]

December 09, 2019
       

Blog

ACO Authority Confirmed—Duty to Consult Not Triggered [...]

December 03, 2019
       

Blog

Displacing Coal in Asia with North American LNG

November 28, 2019
       

Blog

Federal Court Issues Site-Blocking Order for ISPs

November 25, 2019
       

Blog

ILPA's Model Limited Partnership Agreement for Private Funds

November 20, 2019
       

The firm that businesses trust with their most complex legal matters.

  • Privacy Policy
  • Disclaimer
  • Terms of Use

© Bennett Jones LLP 2019 All rights reserved. Bennett Jones refers collectively to the Canadian legal practice of Bennett Jones LLP and the international legal practices and consulting activities of various entities which are associated with Bennett Jones LLP

Bennett Jones Bennett Jones