IT, Privacy and Security
What makes for effective decision-making?
I was talking with a friend about decision-making and decided to put together a list of principles for effective decision-making. This is my first shot. What do you think? What would you change?
Working from home: Cybersecurity checklist
Cyber attacks were a serious risk even before the COVID-19 pandemic. As many organizations have instituted work-from-home procedures, the risk is elevated. The increase of non-standard communications, the use of new and untested remote working arrangements and a heightened level of stress and anxiety all create new vulnerabilities for threat actors to take advantage of. Incorrectly addressed emails, theft of company devices and a massive increase in remote connections all increase the risk of a successful cyber attack.
Impact of digitized environments & modern workplaces on internal investigations
One of the hallmarks of a successful investigation is rooted in the expression “knowing what you don’t know.” An experienced investigator knows a lot about a lot of things – different types of fraud, corruption, theft, misconduct, and the psychology underlying what motivates people to violate the trust that has been placed in them.
Time to wake up to risk reality
For 11 years, the ERM Initiative at North Carolina University has surveyed executives (this year they were again all financial executives) about what they call “the current state of risk oversight processes in organizations of all types and sizes to obtain an understanding of the relative maturity of underlying activities executives and boards use to monitor the rapidly changing risk landscape”.
Consuming and creating digital media in the era of COVID-19: Copyright rules to remember
The recent increased activity in the consumption and creation of digital media because of social distancing makes it a prime time for a copyright law refresher.
Website cookies in Canada: is consent required?
Website cookies are small files sent by websites to users’ computers, usually without knowledge or specific consent. Cookies can be used to personalize a website, remember users’ preferences, and retain products in electronic shopping carts. A bigger concern for regulators is that cookies can also be used to track online behaviour, activities and interests, and can be accessible by third parties.
Considerations for directors during the COVID-19 pandemic
The COVID-19 pandemic has affected, and continues to affect, Canadian businesses in a significant manner. As this situation continues to evolve, directors should remain cognizant of their duties and responsibilities as corporations face a range of challenges, including liquidity issues.
COVID-19 and electronic contracting
For years, organizations have moved their businesses digital. To consummate transactions and to otherwise engage in contractual activities, organizations have increasingly relied on electronic means of contracting using everything from webwraps and clickwraps (and hybrid variations of these forms of agreements) and electronic documents executed using electronic signatures.
Everybody should be familiar with this
Scenario analysis is a method for creating responses to various future events with the aim of reducing uncertainty and maximizing the chances of achieving a desired outcome.
Cyber insurance in the COVID-19 landscape
Cyber insurance provides protection and coverage for the security and privacy of digital information and losses resulting from data breaches.
Fiscal year ends, business continuity, and COVID-19
At the best of times, fiscal year ends are challenging. Organizations with upcoming or recent fiscal year ends will undoubtedly find them particularly challenging. Organizations with robust policies and procedures will likely fare better than those without. Consequently, it will be helpful to start your year end planning as early as you can.
COVID-19: Managing material contracts in crisis
Whether engaging external help or undertaking the process in-house, the checklist below can help organizations prioritize their contractual relationships and identify practical steps to manage material contracts through this current crisis.
Risk-based cyber risk reporting
I encourage you to subscribe (free) to McKinsey’s frequent reports. Their latest, Enhanced cyberrisk reporting: Opening doors to risk-based cybersecurity has some good observations. Unfortunately, their ideas for addressing the problem don’t work for me.
Additional amendments to Proceeds of Crime (Money Laundering) and Terrorist Financing Act Regulations issued
On February 15, 2020, draft amending regulations (the “Draft Regulations”) were issued, proposing a number of amendments to be made to the prior amendments to the regulations (the “Regulations”) under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (the “PCMLTFA”). The Draft Regulations are open for comment until March 15, 2020 and will come into force on the day they are registered.
COVID-19: key issues every organization should consider
The COVID-19 pandemic raises critical and unprecedented issues for all organizations. How an enterprise responds to these challenges will influence how it fares through the crisis and its positioning for recovery afterwards. We believe that the issues below warrant special attention by senior management and directors.
Resources and offers
