Cyber Response Planning (Preventative Measures to reduce the impact of Cyber Incidents on your Business)
Now that we know that cyber incidents are only a matter of time and that privacy laws and contractual requirements can place heavy burdens on a company that has been breached, it is critical to be prepared in advance. Field Law can assist with:
Pre-Breach or Incident Preparedness
- Developing and reviewing corporate strategy to ensure cyber strategy includes execution of relevant policies through all levels of the organization
- Developing and reviewing comprehensive cyber, data management and privacy related policies
- Identifying, building, and training your internal cyber team
- Identifying and retaining third party experts to be on call if and when required
- Reviewing third-party contracts to identify additional cyber, privacy and data obligations and recommend risk mitigation
- Providing in-house customized training to your executive and management team on all aspects of cyber, data management, and privacy breach issues.
Emergency Response – Breach Coaching
In the event that you discover a breach or a cyber incident has occurred, it is imperative that you contact legal counsel immediately to assist you with navigating the breach. You need to do this to immediately maintain solicitor-client privilege over the investigation and response. You will also need counsel to communicate and assist with reports to your insurers, your employees, the media, and your clients. We will work with you through all steps until the conclusion of the threat to ensure an efficient and effective resolution and to mitigate the risk and damage to your organization, by:
- Overseeing and managing your internal investigations, and internal communication regarding the incident
- Overseeing all external communication with insurers, clients, other third parties, including PR and media management
- Assessing and addressing employee misconduct or fault of other third parties relating to the incident
- Assessing and determining impacts of the incident on data and privacy obligations, and
- Assisting with communications and submissions to regulatory and law enforcement authorities, including provincial and federal Privacy Commissioners.
Post-Breach Analysis and Steps
After a breach occurs, it is important that you understand where the vulnerability existed and take steps to prevent further incidents as this will impact your reputation and impact the cost of future insurance coverage. This step is also key to strategic and budgetary planning for the future health of your organization. Field Law can help you strengthen your cyber strategy and health, by:
- Overseeing a comprehensive vulnerability assessment of your systems
- Reviewing and revising strategic plans and policies to assist in incident prevention
- Representing you in bringing claims against parties for damages arising from a breach
- Defending any third-party claims arising from the breach, and
- Providing in-house customized training to understand how the breach occurred and what can be done to prevent it.