Developing and delivering an IRP or TTE to improve the effectiveness of your incident response approach, in isolation, does not work. If your incident response preparation activity does not include some fundamental tactical actions, when the time comes and your house is on fire, your breach response will fail to meet your expectations.
Part Four In a Series The conclusion of the series on Canada's recently introduced Consumer Privacy Protection Act looks at hot button enforcement issues in the Act.
Like other organizations, including law firms, in-house legal departments have not been spared from the "great resignation." Lawyers and professionals across all industries are actively seeking new opportunities for a host of reasons including better pay, better culture and better balance. When they leave, they take with them not just their talent but the institutional knowledge they've accumulated, while their former team members are left to piece things together.
The promise that the crypto and digital assets markets bring comes bundled with uncertainty — especially on the regulatory front. Until jurisdictions adopt unified and consistent frameworks that account for the unique facets and features of cryptocurrencies, institutional investors and other market participants must keep abreast of ever-changing, dynamic laws to avoid sanctions and fines.
In several recent cases, companies with cyber insurance discovered that provisions in these policies led their insurers to limit coverage. Courts have been strictly construing cyber policies, and have found that the coverage provided is narrow. These decisions hinged upon whether an event constituted a covered "direct" loss and whether intervening actions precluded coverage, like an employee responding to fraudulent communications.
As the landscape of cybersecurity and data privacy continues to evolve, so do the requirements needed to establish standing in regard to the type of harm suffered as a result of a data breach. Moreover, there has been a shift in the requirements needed to hold an organization legally and financially responsible for data stolen during a data breach.
It comes as no surprise that the crypto winter has reinforced the perception of critics that digital currencies are "risky, flawed and unproven digital financial instruments." This article analyzes the state of the cryptocurrency market and examines the impact of cybercrimes and crypto bankruptcies on the current market.
Security and privacy start with good information governance, and for many firms — trying to get their information governance policy implemented feels a lot like Groundhog Day. Yes, the one with Bill Murray. Let's take a closer look.
Part Three In a Series Part Three continues the analysis of new compliance requirements in Canada's new Consumer Privacy Protection Act, including the content of organizational privacy policies and anonymization of personal information policies, and business transaction policies contained in the Act.
Routines based around 'work from home' are calcifying, and commuting, parking, sandwich shops and childcare are fading into distant memory. With each passing week, the challenge to win attorneys back into the office increases.
