Data Breach Notification Myths Busted

With the advent (and multiplication!) of privacy regulations around the world at both national and sub-national levels, it can be hard to know what your obligations and responsibilities are under these laws ...

How to Build Board-worthy Cybersecurity Business Cases

We have looked at Cybersecurity business cases in the past, relating the cost of a proposed solution to the potential cost of a breach. That framework hasn’t gone away - but, there ...

Supplier Hacked? Next Steps to Take

It's not a call you want to get. One of your suppliers is in touch to let you know they have been victimized by a cyber-attack. Whether it was ransomware or a ...

Why You Need a Software Restriction Policy (Right Now)

Windows Group Policy tends to get overlooked by most Administrators. Typically, you visit this policy when you first set up a domain—which for many companies is well beyond the first day you ...

How Operations Protects Your Business

As part of our “security takes a village” focus, we are exploring how stakeholders other than a dedicated cybersecurity or IT team can help keep your organization secure. In this post, our ...

Achieving a Security-Conscious Work Culture

Security-consciousness is more natural for some organizations than others. For certain industries, like finance or data management, it is almost ‘built-in’… but, all companies are a target for data breaches and ransomware, ...

Why Your Cybersecurity Process is the Problem

For those who don’t know, we have three P’s in cybersecurity; people, platform, and process. Invariably, the first step companies take towards securing their organization is by investing in platform (technology): anti-virus, ...

PIPEDA Best Practices Achieved with MDR

Last week, changes to the Personal Information Protection & Electronic Documents Act (PIPEDA) went into effect. Our CTO, Adam Mansour, wrote about the changes, and how our MDR service could help overcome ...

PIPEDA Best Practices Achieved with MDR – Part 2

The previous part of this post discussed tips that the Office of the Privacy Commission of Canada (OPC) issued in anticipation of the November changes to the Personal Information Protection and Electronic ...