Imran Ahmad, Toronto Lawyer and Breach Coach, Discusses Data Breaches, What They Cost Companies and How to Prevent Them

  • Imran Ahmad, Lawyer and Breach Coach at Toronto’s Blake, Cassels & Graydon LLP

  • 05.08.2020 03:25 pm

Lawyer Imran Ahmad, a partner at Toronto’s Blake, Cassels & Graydon LLP, specializes in cybersecurity, privacy and technology law. He’s also the author of a preparation and response handbook entitled Cybersecurity in Canada: A Guide to Best Practices, Planning, and Management. A breach lawyer and coach, he helps his clients develop and implement strategies related to cyber threats and data breaches, while also advising them on legal risk assessments, compliance, and other related issues, and serving as a breach counsel when cybersecurity incidents do occur.

We asked Imran Ahmad about some of the cybersecurity challenges companies are facing today.


Last month, a report was published which noted that the average cost of a cyber-breach to a publicly traded company was $116 million. Is this kind of number consistent with what you’ve been seeing?

Imran Ahmad:
Yes, the numbers are consistent, and in fact, cyber security incidents have never been higher. Today, cyber criminals are using sophisticated technology to steal valuable information from businesses. Their tactics are ever-changing, so even if organizations are keeping up-to-date with their virus protection, hackers are always seemingly one step ahead. The truth is, businesses are struggling to fend off cyber threats. It’s a real problem.

It’s known that hackers’ common tactics and most successful methods for creating data breaches are via malware, phishing, unauthorized access, and misconfiguration. What new methods are companies experiencing?

Imran Ahmad:
The ongoing challenge with cyber incidents is that the technology and techniques employed by cyber criminals continue to evolve. Regardless of ongoing efforts to be proactive and prevent or minimize cyber incidents, the stark reality is that cyber criminals continue to innovate. However, ransomware and compromised business emails continue to be the biggest risks to organizations. Although anyone can be a target, cyber criminals appear to be focusing on organizations that store sensitive data, such as financial, health and professional services firms. Critical infrastructure is also at higher risk since an attack of this nature could lead to a widespread shutdown of vital operations.

Since the COVID-19 pandemic has created a large work-from-home culture for many, has the incidence of data breaches grown, and what can be done realistically to stop them?

Imran Ahmad:
In the cyberworld, with more employees working from home, more computers that connect remotely to a company’s network are getting infected with malware. There are a number of steps a company can take to ensure safety online; steps like increasing the network’s layered security, implementing user account restrictions, deploying a security monitoring system, training employees on the dangers of cyber attacks, strengthening email security, and other measures.

With the threat of a cyber attack or breach so high, companies should be looking at their cyber incident response plans immediately to reevaluate their needs. Make sure the plan is updated, make sure it is compliant with privacy requirements, and also look at industry specific requirements (i.e. the financial sector, health sector, etc. all have their own set of rules). Most importantly, organizations should know who to call and when to call in the event that a cyber breach occurs, so that they can mitigate the damage as soon as possible.


What are the legal implications for companies in Canada that experience cyber crimes?

Imran Ahmad:
Canada, for many years, lagged behind the US and other jurisdictions in terms of mandatory breach notification. But that all changed under the Digital Privacy Act of 2015, which amended certain Canadian privacy regulations in three key ways. Those changes include mandatory breach notification to affected individuals; keeping a record log for two years of any types of data breaches that occur; and imposing sanctions of up to $100,000 for each violation of the new law. Now a Canadian company that experiences cyber crime has an obligation to put a public report out there. This can have implications for the company’s reputation, etc. That’s why cyber insurance coverage is becoming extremely popular; it offers companies a contingency plan if a cyber attack were to occur.


It was recently reported that Microsoft is taking legal action against COVID-19-related cybercrime by seizing hackers’ domains. What else is the tech world doing to combat these crimes?

Imran Ahmad:
Microsoft’s Digital Crimes Unit discovered criminals were deploying a sophisticated new phishing scheme designed to compromise customer accounts. They were using COVID-19-related lures in the phishing emails to target victims. As part of the attack, the criminals were able to gain access to customer email, contact lists, sensitive documents and other valuable information. Microsoft used technical means to block the criminals’ activity and disable the malicious application used in the attack. I think the tech world is always evolving in its search for new ways to prevent attacks; one way is through implementing blockchain technology to prevent DDoS attacks. The blockchain protects the data so a system can ensure that it is protected from hackers.
