Ransomware continues to present an increasing risk to all organizations. Ransomware attacks can involve the installation of malicious software designed to block access to computer systems and/or steal data, and a...more
3/15/2022
/ Canada ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Financial Crimes ,
Financial Institutions ,
Financial Reporting ,
Popular ,
Ransomware
On November 9, 2021, the Office of the Superintendent of Financial Institutions (OFSI) launched a three-month public consultation on the Draft Guideline B-13: Technology and Cyber Risk Management....more
OSFI, the Canadian Federal Office of the Superintendent of Financial Institutions, on August 13, 2021, issued new guidance on Technology and Cyber Security Incident Reporting, replacing prior guidance of March 2019....more
8/31/2021
/ Canada ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Financial Institutions ,
Financial Services Industry ,
Hackers ,
Personally Identifiable Information ,
Popular ,
Risk Management
Insurer AXA, among Europe's top five insurers, recently announced that it was suspending insurance coverage in France for ransomware extortion payments. AXA said it made this decision in response to concerns raised by French...more
On April 30, 2021, the Government of Ontario introduced Building a Digital Ontario, the province's new digital and data strategy, which lays the foundation for Ontario to become "the world's leading digital jurisdiction."...more
In its Annual Report to Parliament on the Privacy Act and Personal Information Protection and Electronic Documents Act (PIPEDA), the Office of the Privacy Commissioner (OPC) has repeated its previous calls for reform to...more
Following the recent fine against Facebook for C$9.5 million under the Competition Act pursuant to allegations that it made "false or misleading claims about the privacy of Canadians' personal information,” the Competition...more
Facebook has agreed to pay a fine of $9 million under the federal Competition Act stemming from the Cambridge Analytica matter and to reimburse the cost of the inquiry of $500,000 (without any acknowledgment of wrongdoing)....more
The Canadian Internet Registration Authority (CIRA) launched a domain name system (DNS) service on April 23, 2020. CIRA is the entity responsible for overseeing Canada's .ca country-code top-level domain (ccTLD). CIRA is...more
It is not only hackers who pose a risk to an organization's information security; hostile insiders do as well. According to Verizon, an estimated 34 percent of data breaches involve internal actors. Hostile insiders may be...more
2020 is shaping up to be a significant year for regulation of privacy issues, with two significant events taking place so far this year. In early February, the Office of the Privacy Commissioner (OPC) commenced an action...more
3/10/2020
/ Artificial Intelligence ,
Cambridge Analytica ,
Canada ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Data Security ,
OPC ,
PIPEDA ,
Popular
Between 2016 and 2019, Business Email Compromise (BEC) scams cost American organizations US$3.1 billion in losses and Canadian organizations US$33.6 million. This type of pervasive scam targets large and small businesses...more
10/8/2019
/ Business E-Mail Compromise (BEC) ,
CEOs ,
Cyber Attacks ,
Cybersecurity ,
Email Policies ,
Fraud ,
Internal Controls ,
Popular ,
Risk Management ,
Scams ,
Small Business ,
Vulnerability Assessments
The recently announced federal government cybersecurity certification program is targeted at small- and medium-sized enterprises (SMEs), but larger organizations should also take note....more
The Office of the Information and Privacy Commissioner of Ontario (OIPC) released its 2018 Annual Report: Privacy and Accountability for a Digital Ontario on Wednesday, July 10, 2019. This report signals a move toward...more
7/16/2019
/ Artificial Intelligence ,
Canada ,
Cyber Attacks ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Faxes ,
Personally Identifiable Information ,
Popular ,
Privacy Concerns ,
Regulatory Oversight
We had a packed house for our Cyber Time: Crash Course for Directors and Officers event this week at the Bennett Jones Calgary office. The half-day session covered current cyber threats facing businesses today, litigation...more
The European Union’s General Data Protection Regulation (GDPR) will come into force on May 25, 2018. This new regulation replaces the current data protection law (Directive 95/46/EC) substantially and will bring important...more
Given the increasing threat of cyberattacks and the corresponding costs, businesses are increasingly considering cybersecurity insurance. But insurance is only as effective as the scope of the coverage. Though Canadian...more
Cybersecurity is a significant business risk for any organization that collects personal data. The greater the amount of personal data collected by an organization, the greater the risk that it will be targeted by...more
While corporate executives are increasingly becoming aware of their obligation to be informed of cybersecurity threats and the steps being taken by their company to prevent data breaches, it is equally important for...more
In 2016, cybersecurity continued to grow as a primary business risk for companies worldwide. Data breaches continued to escalate both in number and magnitude and the landscape of legal and regulatory liability evolved and...more
2/10/2017
/ Ashley Madison ,
Bitcoin ,
Breach Notification Rule ,
Canada ,
Class Action ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Popular ,
Ransomware ,
Risk Assessment ,
Risk Management ,
Yahoo!
In the world of cyber hacks and leaks, there are two general categories of players: the fraudsters who steal data in order to obtain a profit, and the “hacktivists” who expose data, purportedly for the greater good....more
5/20/2016
/ Admissible Evidence ,
Ashley Madison ,
Canada ,
Class Action ,
Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Edward Snowden ,
Hackers ,
Panama Papers ,
Popular ,
Rules of Civil Procedure ,
WikiLeaks ,
Young Lawyers