Cybersecurity incidents have become a ‘when’, not an ‘if’ but what matters is ‘how’. How will your organization prepare? How will your organization react in the crucial 72 hours following the incident? How will you be judged in the aftermath? And, with the proposed Consumer Privacy Protection Act, how severe will the penalties be?

The ‘how’ is the focus of our new publication, Cybersecurity Risk Management: A Practical Guide for Businesses, a comprehensive guide to legal strategy for cybersecurity.

Informed by our Cyber/Data Group’s cross-practice, 360° approach, our guide helps you understand the risk, build the business case for preparedness, develop a cybersecurity strategy and an incident response plan and, when the worst happens, respond.

You will get a practical overview of a cybersecurity framework, including the roles of directors and officers, appropriate policies and training, cyber insurance, conducting due diligence on vendors, and weaving cybersecurity into your contracting process. You will also understand what experiencing a breach looks like, as explained by lawyers who have counselled clients through countless cyber incidents, including some of the largest in Canadian history. Topics include understanding roles and responsibilities in a breach, containment and investigations, knowing when and how to report to regulators and notify third parties, and complying with specific industry requirements.

To stay up-to-date, subscribe to TechLex (below) or contact our Cyber/Data Group for assistance.