skip to main content
Back to all blog posts

Posted in: Data Protection | Data Security/Privacy

Jun 6, 2017

Report Indicates that Most Small Businesses Are Not Prepared for a Cyber Incident

According to a May 2017 report by U.S. data firms Advisen and Experian, “seventy-five percent of insurance brokers and legal experts noted that their small business clients were either ‘not prepared at all’ or ‘not very well prepared’ to respond to a cyber incident.” The report highlights the “misconception that small businesses are too small to be targeted by hackers, when in reality they are often the lowest hanging fruit.” The report also states that less than a quarter of experts’ small business clients “were confident in their team’s ability to manage a cyber incident.”

Phishing and social engineering remain top concerns of risk managers and experts. As Aird & Berlis lawyers Paige Backman, Donald Johnston and Meghan Cowan noted in a February 2017 webinar, 60 to 90 percent of threats of IT systems are caused by “insiders” — people who have authorized access to hard and soft technology assets, including employees, contractors, business partners, suppliers, service providers/subcontractors and technology escrow providers. Please access the webinar archive and PDF presentation for more information, including steps to mitigate threats to your IT system.

Data security risk increases in the context of employee turnover. Please see lawyer Aaron Baer’s recent post on how to protect sensitive and confidential corporate data when an employee leaves.

Related Blogs

Posted in: Data Protection | Privacy | Data Security/Privacy

Insights TheSpotlight
Ontario Court of Appeal Established New Privacy Rights – Utility Consumption Data and Grow Ops By Paige Backman Aug 21, 2017 If you are a utility monitoring consumption data, think twice before providing any of that information to the police. You may need to ensure the police first provide you with a warrant or other judicial authorization specifically requesting the information. The Ontario Court of Appeal, distinguis...

Posted in: Data Security/Privacy | CASL | GDPR | Data Protection

Insights TheSpotlight
With All Eyes Turned to CASL, is Anyone Paying Attention to GDPR? With Less Than 1 Year Before GDPR Takes Effect, Make Sure Your Organization is Ready By Paige Backman and Aaron Baer Jul 21, 2017 In early June, the Government of Canada came to its senses by suspending the provision of Canada’s Anti-Spam Legislation (“CASL”) that would have enabled a private right of action to be brought as of July 1, 2017. While this decision provided temporary relief to businesses who f...

Posted in: Data Security/Privacy | Data Protection

Insights TheSpotlight
Cyber Security, Risk, Response and Cyber Insurance By Paige Backman, Aaron Baer and Monica Carinci Jul 10, 2017 Relying on cyber infrastructure to operate has become fundamental to most businesses. Critical infrastructure, such as the power grid, hospitals, emergency response, water and transportation (land, water and air) rely heavily on cyber infrastructure that is often networked with many other systems...