Focus On

Firms team up to offer enterprise cybersecurity crisis response offering

Friday, February 14, 2020 @ 9:41 AM | By John Chunn

Ernst & Young LLP (EY Canada), Norton Rose Fulbright and Provident Communications Inc. announced that they have joined forces to launch a comprehensive data breach crisis response offering providing enterprise clients with a single, fully integrated source for cybersecurity, legal and crisis communications expertise.

According to the firms’ press release, in addition to offering a complete suite of services in a range of cybersecurity crisis and compromised privacy scenarios, the three firms are leveraging their experience base to develop a strategic playbook to enable boards and management teams to respond to an emerging data breach.

The playbook will provide an array of actionable, client-specific insights and information regarding all aspects of a cybersecurity crisis, from process and response team structure to legal strategy and communications messaging and tactics.

“The volume, variety and sophistication of cyberattacks are growing daily,” said Yogen Appalraju, national cybersecurity leader at EY Canada. “At the same time, new regulatory and compliance obligations and other stakeholder expectations have introduced additional complexity that impacts the ability of organizations to rapidly respond to threats. Our combined cybersecurity, legal and communications offering will enable companies to be better aligned and respond with more speed and effectiveness during a crisis.”

According to the Office of the Privacy Commissioner of Canada, more than 28 million Canadians were affected by a data breach between November 2018 and November 2019. 

Walied Soliman, partner and Canadian chair of Norton Rose Fulbright, said: “While a number of Canadian organizations are world leaders when it comes to investing in IT security infrastructure, many remain unprepared to effectively manage an incident when those defences fail and sensitive customer data is compromised. Our strategic playbook will empower boards and executive leadership teams to anticipate, identify and proactively address potential gaps in their planning, thereby ensuring that they have a clear action plan in place for when a crisis strikes.”

“The economic cost of a cyberattack is significant for an organization of any size, but the resulting loss of customer trust and the harm to a company’s reputation can be just as painful and take longer to repair,” added Wojtek Dabrowski, managing partner at Provident Communications. “Responding effectively to customers, media, investors, employees, regulators and all other stakeholders in real time is absolutely critical to managing a cybersecurity crisis and limiting its long-term negative impacts.”

A 2019 study conducted by the Ponemon Institute and sponsored by IBM found that the average cost of a data breach in Canada is $4.4 million, making it the fourth most costly location for a cyberattack in the world. According to the report, the organizations that had an incident response team in place and tested their incident response plans extensively saw a significant reduction in the financial impact of a data breach.