More than 10,000 Canadians received a medically-assisted death in 2021: report
Quebec Superior Court suspends Bill 96’s translation requirement until constitutionality determined
The Ontario government has given Maggie an ultimatum: the disabled teen can lose her funding or her independence
FBI took 11 sets of classified material from Trump’s Mar-a-Lago home while investigating possible Espionage Act violations (US)
Ontario class action settlement reclassifies volunteers as employees, setting new precedent
Availability of Judicial Review in SABS Disputes
Are masking policies still valid?
Justice Canada releases commission report on impact of lack of legal aid in family law disputes
Harmonized sales tax part of maximum amount of attendant care benefits owed by insurer: court
New rules coming next month to help Canadians with cancelled and delayed flights
Stephen King set to testify for govt in books merger trial (US)
New law program in Quebec to begin next fall, a first in 50 years
The Impact of the Lack of Legal Aid in Family Law Cases
SCC rules that when someone is required by their partner to wear a condom but do not, they could be guilty of sexual assault.
Big Plastic suing feds over single-use ban — again
Tim Hortons offers coffee and doughnut as proposed settlement in class action lawsuit
The SCC has refused to hear the appeal to declare the renewal of the state of health emergency by the Quebec government invalid
Federal privacy commissioner investigating controversial ArriveCAN app
Kraken, a U.S. Crypto Exchange, Is Suspected of Violating Sanctions (US)
Ontario court certifies class action on former patients’ anxiety from notice of risk of infection
The stakes couldn’t be higher as Canada’s top court decides whether to hear climate class action lawsuit
Professor Barnali Choudhury selected by EU as trade and sustainable development expert
The Supreme Court decision on the ‘Ghomeshi’ amendments will help sexual assault victims access justice
AFN Reaches $20 B Final Settlement Agreement to Compensate First Nations Children and Families

Blakes releases new report to help Ontario businesses navigate cybersecurity risks

The study found that 50 percent of cyber security incidents occurred in Ontario.

PHOTO: Sunny Handa is a partner at Blake, Cassels & Graydon LLP and leader of the firm’s technology group
Cybersecurity incidents at Canadian businesses continue to grow at an alarming rate, according to a new study by Blake, Cassels & Graydon LLP. 

The third annual Blakes Canadian Cybersecurity Trends Study found a rising number of security breaches with the most attacks in Ontario, and the leader of the firm’s technology group, Sunny Handa, says the attacks are more sophisticated with higher ransoms.

Since the COVID-19 crisis forced many businesses to adapt to a remote work environment, the risk of cyberattacks has risen. The study found that 50 percent of cyber security incidents occurred in Ontario because the province has the largest population and business concentration in the country.

“Everyone will get hit eventually,” Handa says. “How bad it will be will depend on how much work companies have done to protect themselves.”

The study found that 55 percent of cyber breaches were ransomware attacks and 25 percent of ransom payments exceeded US$1million. “More threat actors have emerged this year and are vicious in certain ways,” Handa says. “The bad guys are organized. It’s almost as if they’re operating as a business. They’re saying it’s nothing personal, and we must do this to you.”

The study also found that 83 percent of companies hit with a cybersecurity incident did not report it to law enforcement and unpatched software vulnerabilities caused 34 percent of cybersecurity incidents.

“Once data is digital, people store it in different places and keep old data lying around making it dangerous because the threat actor makes a copy when a company is hacked, and data gets stolen,” Handa says.

Cyber breaches are not an intellectual property issue but an enterprise risk problem, and it is frustrating to spend most of the time dealing with a cyber crisis after a ransomware attack instead of prevention, Handa says. “It is not just the IT department. It is the board, your CEO, CFO, general counsel or chief legal officer.”

The study found that threat actors continue to approach ransomware as a service and are moving to a licensing model to increase revenues. In addition, hackers post fragments of stolen data online and set a doomsday clock that counts down to the publication of the entire data set.

While many businesses understand the severity of security breaches, Handa says many companies often stop engaging with technology professionals because of other priorities and technology consultants find it challenging to keep them focused on safeguarding company data.

He says that organizations must protect themselves and allocate human resources within the company to work with consultants and professionals to help minimize their vulnerability footprint. “They need to be trained and taught that this can happen and that this is how bad it will be.”

He says centralizing data is crucial to protect cyber information better because companies often investigate a security breach only after it is realized. However, as companies become more sophisticated in the digital world, he says businesses recognize they do not need to hold on to all data indefinitely.

Handa says lawyers have stepped into the role of cyber breach coaches because data and privacy laws continue to evolve with cyber threats and companies need to comply.


Want direct access to the latest LITN content?

Stay in the loop ➞ Subscribe to LITN instant notifications.
Receive the latest content delivered directly to your device.
Unsubscribe at anytime.

Latest News


Join the LITN Newsletter ➞ the latest news delivered to your inbox. Unsubscribe at any time.


Instagram Feed