You need an incident response plan and it needs to be good. The first 72 hours are critical. While not all data incidents are of headline-grabbing magnitude, the worst incursion can throw an entire organization into turmoil for months. The first 72 hours after a data incident are, in particular, a chaotic mix of moving parts, most of which have to be addressed simultaneously, all while relying on incomplete information.

A cybersecurity incident response plan that has been prepared in advance for implementation by a trained and tested incident response team goes a long way towards staving off potential chaos, keeping key players on-message, and focusing the efforts of the team on identified priorities. An incident response plan lends structure to the urgent work and can represent an important brake on unfocused activity and the urge to “do something”. Moreover, a tightly-scripted response can reduce costs, reduce the over-involvement of outside vendors, help preserve evidence that may establish that the organization met the applicable standard of care, and minimize reputational damage.

How it Works

We audit the existing incident response plan, from which we prepare a gap assessment report with actionable recommendations to ensure a complete readiness plan with specific accountabilities. We also scope the requirements for a new response and readiness platform if no plan is in place.

We assist in drafting, updating and implementing the incident response plan in conjunction with key stakeholders. We also provide additional services on a fixed fee basis, including simulated ‘incident’ workshops, internal training and integration of public relations strategies.
 
How Clients Benefit

• Best in class expertise: We offer the expertise of Canada’s leading multi-disciplinary Cyber/Data Group that sees us combine legal expertise, current and future awareness with our key regulatory relationships to deliver innovative, leading solutions to mitigate risk around ever changing laws in the fields of cybersecurity, privacy and data protection. 
• Protect your privilege: Get the best of both practical business advice and legal risk management, under protection of privilege. As lawyers, our advice and our awareness of internal procedures and policies is protected in potential litigation or enforcement proceedings, unlike business or technology consultancies with similar offerings. 
• Breach incident support: In addition to the readiness review solution, our Cyber/Data Group leverages internal resources, existing partnerships and regulatory relationships to provide coordinated, practical breach response advice (legal, business, reputational) to ensure a comprehensive approach in the critical first 72 hours. 
• Integrated team: Our Cyber/Data Group works collaboratively across practices, industries, regions and borders. We also integrate our market-leading MT>Divisions, including our e-Discovery and information governance division MT>3and our legal translation division MT>Version.
• Integrated cross border response: We have experience working with companies whose business crosses borders and can leverage our relationships with leading US firms to seamlessly manage the risk created by multiple claims and enforcement actions on both sides of the border.