How your incident response plan can prevent litigation following a cyber-attack: Blakes lawyer

In-house counsel play vital role in responding to incidents

How your incident response plan can prevent litigation following a cyber-attack: Blakes lawyer
Nicole Henderson

As cyber threats continue to evolve amid the pandemic crisis, organizations are increasingly vulnerable. The best defence from litigation following a cyber-attack is the implementation of a comprehensive and realistic incident response plan that is easy to access, according to Nicole Henderson, litigation partner at Blake, Cassels & Graydon LLP.

“This is important, not only to deal with the immediate fallout of a cyber incident, but we’ve also seen some cases in litigation where courts have commented favourably on an organization’s effective response to an incident,” says Henderson. Even in cases where the incident response plan is not central to legal liability issues, it can help to mitigate risk, she says.

Litigation and class actions can arise where cyber-attacks lead to the unauthorized use of the personal information of customers, clients and other stakeholders.

“It’s not just the large hacking incidents that you see on the news that are potentially going to cause litigation and class actions,” says Henderson. “I’ve been involved in class actions that involved criminal cyber-attacks by third parties, but there’s also the type that involves a rogue employee who has solen data from the employer.”

Henderson also urges in-house counsel to circulate within their organizations the idea that a cyber incident really is a legal incident and not just an IT security issue. It is essential that in-house counsel are involved in the incident response team immediately following an attack.

“We’ve seen incidents where a well-intentioned IT security group have been handling a breach on their own for days or even weeks before in-house counsel are made aware of it,” says Henderson. “That can really be a lost opportunity to mitigate risk and also to ensure that the organization is complying with all relevant regulatory requirements, reporting requirements and so forth.”

The COVID-19 pandemic has given rise to an increased prevalence of phishing emails purporting to be from reputable organizations offering medical advice, or providing information about vaccines. Such emails will ask the reader to click on a link that downloads malware or requests personal information. The shift to remote work has also created vulnerabilities as many organizations have not implemented multifactor authentication to access their systems.

In the post-pandemic landscape organizations will find more opportunities to be agile in terms of how they collect and use the data of customers, clients or other stakeholders, so in-house counsel must take corresponding steps to ensure that data is adequately protected, Henderson advises.

“An important thing for in-house counsel and others to be aware of is that cyber security really is to some extent a game of cat and mouse,” she says. “It’s important, even with all the resource strains that organizations of all sizes are facing during the pandemic, to be very much on top of IT security and to make it a priority because cyber criminals are constantly innovating and improving their techniques.”

Related stories

Free newsletter

The Canadian Legal Newswire is a FREE newsletter that keeps you up to date on news and analysis about the Canadian legal scene. A separate InHouse Edition is delivered on a regular basis, providing targeted news and information of interest to in-house counsel.

Please enter your email address below to subscribe.

Recent articles & video

Alberta Court of Appeal refuses to restore appeal of disbarred lawyer

Cassels Brock, Stikeman Elliott and Blakes advising on US$370 million mining deal

How legal workplaces can change to better integrate women

Tribe Property Technologies expands in the Kootenay region as residential demand surges

Bennett Jones post-election panel: not much has changed, but is fiscal restraint out the window?

Condos in crisis? The dangers of ageing condos and underfunded reserve funds

Most Read Articles

Canadian Lawyer's Top 25 Most Influential Lawyers winners for 2021 revealed

Canadian Constitution Foundation criticizes vaccine passports of B.C., Manitoba

Ruling on Snaw-Naw-As case leaves door open for feds to decide on E&N rail line on Vancouver Island

Alberta Court of Queen's Bench confirms 'public disclosure of private fact' tort in the province