Cybersecurity and cyber risk management are fundamental challenges for businesses and organizations of all kinds and sizes. This site provides commentary and insight about recent developments in Canadian cybersecurity law.


Featured Posts


Photo by 3dmentat/iStock / Getty Images

Cyber Risk Management Guidance for Corporate Directors

Corporate directors have a legal responsibility to ensure that their corporations have appropriate cyber risk management policies and practices, and are prepared to respond effectively to cyber incidents.

Photo by onurdongel/iStock / Getty Images

Data Security Incident Response Plans — Some Practical Suggestions

A comprehensive and suitable data security incident response plan and a trained incident response team are fundamental parts of an enterprise risk management program.

Photo by IvelinRadkov/iStock / Getty Images

Regulatory Enforcement Action Emphasizes Need for Information Security Governance Framework

Recent regulatory enforcement action emphasizes that organizations must establish an information security governance framework to ensure that appropriate practices, systems and procedures for the protection of personal information are established, consistently understood and effectively implemented.