Canadian Lawyer InHouse

June/July 2020

Legal news and trends for Canadian in-house counsel and c-suite executives

Issue link: https://digital.canadianlawyermag.com/i/1260137

Contents of this Issue

Navigation

Page 27 of 35

26 www.canadianlawyermag.com/inhouse FEATURE AS MANY BUSINESSES around the world were forced to shutter offices when the World Health Organization declared a pandemic in March, concerns about data security and the threat of cyberbreaches began to rise exponentially. With most office-based employees required to work remotely to try and curb the spread of COVID-19, many organizations found themselves scrambling to cope with increased security vulnerabilities. Using home servers and unsecured personal devices can create a host of security issues. "A number of organizations were not prepared for this type of contingency," says Ruth Promislow, a partner at Bennett Jones LLP. "This level of remote access is highly unusual, so, if an organization hasn't prepared for this contingency Data protection and cybersecurity in the new reality Legal departments ramp up data protection measures as remote work leads to a spike in cybercrime and tested the security of that model, they can easily be subject to vulnerabilities." Many organizations have noted an increase in the number of phishing emails and criminal attempts to install malware as a result of the new dynamic of remote work. Malicious emails purporting to offer health information and updates on the pandemic are creating additional security risks. "Cybercriminals are basking in the opportunities that are presented by this pandemic," says Daniel Leslie, an associate at Norton Rose Fulbright LLP. "This situation has given them a playing field to be infiltrated. We have already seen a huge spike in incidents of scams and cyberattacks on the internet structure of individuals across Canada. "With people working unsupervised, there are risks around monitoring and risks around devices that are exposed to third parties, around protecting passwords and around being sanitary with the use of technology." At Sierra Systems, internal security protocols were established long ago to protect networks. However, with the new landscape of remote work, the legal department has increased measures to further protect company and client data. Educational chips, cheat sheets and tools were sent out to employees to make sure they are logging in safely through the correct portals, avoiding bypasses and taking enough security measures at home. "As an organization, we use a dual-factor authentication for logging in, and we have four or five fairly sophisticated software elements that we introduced a while ago, but they are now being used extensively because of the COVID-19 situation," says Robert Piasentin, who, at the time of interview, was general counsel at Sierra Systems, an NTT Data company. "Our business is servicing clients that have sensitive information in the health space and the justice space and other spaces, so we need to make sure we are equally ensuring the security of that information relating to our clients." Platforms including Zscaler and Carbon Black have been in place at Sierra for some time, but they are now being widely used to provide additional protection while employees are working remotely. Sierra's IT teams are working hard to identify new risks as quickly as possible and to prepare employees for phishing attempts. Employees are staying connected through Zoom meetings, which raises additional concerns. "We are making sure people are aware of vulnerabilities and they know the steps they need to take to prevent Zoom bombs and additional security breaches that could hurt us or our clients," says Piasentin, who recently left Sierra Systems to join McMillan LLP. Data protection has always been top of mind at Mogo, a Vancouver-based financial technology company with more than one million customers. "This level of remote access is highly unusual, so, if an organization hasn't prepared for this contingency and tested the security of that model, they can easily be subject to vulnerabilities." Ruth Promislow, Bennett Jones LLP

Articles in this issue

Links on this page

Archives of this issue

view archives of Canadian Lawyer InHouse - June/July 2020