Cyber Liability
Cyber Liability
Erika Carrasco
400 - 444 7 AVE SW
Calgary, AB T2P 0X8
T403-232-1781
F403-264-7084
ecarrasco@fieldlaw.com
Industries
Emerging Technology
Services
Business
Intellectual Property
Privacy + Data Management
Overview
Experience
People
News + Views + Events

Cyber Response Planning (Preventative Measures to reduce the impact of Cyber Incidents on your Business)

Now that we know that cyber incidents are only a matter of time and that privacy laws and contractual requirements can place heavy burdens on a company that has been breached, it is critical to be prepared in advance. Field Law can assist with:

Pre-Breach or Incident Preparedness

  • Developing and reviewing corporate strategy to ensure cyber strategy includes execution of relevant policies through all levels of the organization
  • Developing and reviewing comprehensive cyber, data management and privacy related policies
  • Identifying, building, and training your internal cyber team
  • Identifying and retaining third party experts to be on call if and when required
  • Reviewing third-party contracts to identify additional cyber, privacy and data obligations and recommend risk mitigation
  • Providing in-house customized training to your executive and management team on all aspects of cyber, data management, and privacy breach issues.

Emergency Response – Breach Coaching

In the event that you discover a breach or a cyber incident has occurred, it is imperative that you contact legal counsel immediately to assist you with navigating the breach. You need to do this to immediately maintain solicitor-client privilege over the investigation and response. You will also need counsel to communicate and assist with reports to your insurers, your employees, the media, and your clients. We will work with you through all steps until the conclusion of the threat to ensure an efficient and effective resolution and to mitigate the risk and damage to your organization, by: 

  • Overseeing and managing your internal investigations, and internal communication regarding the incident
  • Overseeing all external communication with insurers, clients, other third parties, including PR and media management
  • Assessing and addressing employee misconduct or fault of other third parties relating to the incident
  • Assessing and determining impacts of the incident on data and privacy obligations, and
  • Assisting with communications and submissions to regulatory and law enforcement authorities, including provincial and federal Privacy Commissioners.

Post-Breach Analysis and Steps

After a breach occurs, it is important that you understand where the vulnerability existed and take steps to prevent further incidents as this will impact your reputation and impact the cost of future insurance coverage. This step is also key to strategic and budgetary planning for the future health of your organization. Field Law can help you strengthen your cyber strategy and health, by:

  • Overseeing a comprehensive vulnerability assessment of your systems
  • Reviewing and revising strategic plans and policies to assist in incident prevention
  • Representing you in bringing claims against parties for damages arising from a breach
  • Defending any third-party claims arising from the breach, and
  • Providing in-house customized training to understand how the breach occurred and what can be done to prevent it.
Erika Carrasco
Partner
VCARD
Calgary
403-232-1781
ecarrasco@fieldlaw.com
Kelly Nicholson
Partner / Privacy and Data Protection Officer
VCARD
Calgary
403-260-8515
knicholson@fieldlaw.com
Richard Stobbe
(He/Him)
Partner, Trademark Agent, CLP
VCARD
Calgary
403-260-8508
rstobbe@fieldlaw.com
Marc Yu
Partner
VCARD
Edmonton
780-643-8767
myu@fieldlaw.com
Brian Vail
,
KC
(He/Him)
Counsel
VCARD
Edmonton
780-423-7691
bvail@fieldlaw.com
Jarett Schaumberger
(He/Him)
Lawyer
VCARD
Edmonton
780-423-9587
jschaumberger@fieldlaw.com
October 2023 - 2 min read
Navigating the Intersection of Canadian and EU Privacy Laws
Cyber security and complying with the General Data Protection Regulation (GDPR) are essential for businesses in this digital age. Having a strong cyber security policy goes hand in hand with the management of personal information and u...
June 2020 - 7 min read
Case Study: G&G Oil Co. of Indiana v. Continental Western Insurance
Defence + Indemnity
The ransom paid in response to a ransomware attack was held not to be covered under the “Computer Coverage” of an insurance policy because the attack and the ransom demand did not amount to “fraud”, as opposed to a mere theft (c...
June 2020 - 7 min read
Case Study: Grossman v. Nissan Canada
Defence + Indemnity
An employer who is innocent of negligence or other misconduct can be vicariously liable for the tort of intrusion upon seclusion based on a data breach committed by one of its employees.  Grossman v. Nissan Canada, 2019 ONSC 6180, per Be...