The hackers have gotten in. Now what?

Adam Kardash

Mar 23, 2015

Shane Schick, Canadian Lawyer InHouse

(Recap)

Unfortunately, the Sony Pictures cyber attack is only the latest in an increasingly high-profile set of incidents involving brand name organizations. … All this means the role of general counsel in helping to prevent data breaches, or contribute to the response plan, will be more important in the coming year than ever before.

Adam Kardash, privacy law leader at Osler, Hoskin & Harcourt LLP, agreed. “We’re already seeing a palpable change across our client base and in a number of different sectors in how senior management and those at the board level are addressing cyber security threats,” he says. “One of the main reasons for that are the press reports and blog reports about the increase in the sophistication of cyber security threats. Companies now are just beginning to focus much more significantly on making sure that they have the appropriate data governance in place.”

Part of what makes a data breach mitigation and notification so challenging is what Kardash calls “data ubiquity” – the fact that information is now distributed across organizations, fed to mobile devices, sitting on the servers of third-party vendors and suppliers via cloud computing and in some cases hosted outside of Canada entirely.

“The harder it is to identify the data in your company and being able to keep that clear, the more you’re going to have natural challenges,” he says. “That doesn’t mean it can’t be overcome, it just requires more vigilant data governance.”

Read the full article.