When your organization has experienced a cyberattack, you need to act quickly to determine what happened, what information was compromised and who needs to be notified. A breach coach can help you respond to an attack while minimizing your legal and reputational risks.
Many organizations do not have in-house experts trained in responding to cyberattacks. Breach coaches are lawyers with experience in privacy law and cybersecurity. They act as your main point of contact following a breach. They assemble all the experts you’ll need – including IT personnel, forensic investigators and communications professionals – to help you respond effectively.
To ensure the fastest response to a cyber incident, you can have your breach coach on a retainer agreement. This will allow you to move quickly and make sound decisions following a breach – rather than scrambling to find someone to help when the stakes are so high. Here are six reasons why you need a breach coach.
1. You need legal privilege
Information you disclose to your breach coach is protected by legal privilege. While you may be required to publicly disclose certain details about your breach, conversations with your lawyer are confidential. Your breach coach cannot disclose any information you give them without your consent, offering you an added measure of security.
In addition, your breach coach will work with third-party vendors such as forensic investigators to respond to a cyber incident. The conversations your breach coach has with these vendors when responding to a breach are arguably also protected by legal privilege.
2: Your need a project manager
Breach coaches act as your project manager, bringing together the team you’ll need to deal with the fallout of a cyberattack. Breach coaches advise you on your responsibilities following a cyberattack and can also help ensure you don’t say or do anything to make a bad situation worse. They not only give you legal advice, but strategic advice to help you manage reputational risks arising from a breach.
3: You need a forensic investigator
Before determining how to respond to a breach, you need to know exactly what happened. Your breach coach can help you hire a forensic investigator to determine the scope of the breach. How did it happen? What information was lost? Can it be recovered? How many people were affected? The answers to all of these questions will inform what you do next.
Breach coaches typically have existing relationships with forensic investigators and other third parties, allowing you to respond quickly. They can also work with third parties of your choosing.
4: You may need to report the breach
Breaches may need to be reported to impacted individuals, privacy regulators and others. For example, for many organizations in Canada, if your breach represents a real risk of significant harm (RROSH), you must report it to the affected individuals and the Office of the Privacy Commissioner of Canada. Your breach coach will consider the sensitivity of the personal information involved and its potential for misuse to determine whether RROSH exists and advise you on your reporting obligations.
You may be contractually obligated to notify third parties of a breach. Depending on your industry, you may also have to report a breach to your regulator. A breach coach can review your contracts and regulatory obligations to ensure you’re compliant with your reporting requirements.
5: You need a communications strategy
Doing and saying the wrong things after a breach could tarnish your brand and potentially lead to third-party claims. Your breach coach can help you avoid making any statements that could expose you to claims or regulatory action. If necessary, your breach coach can also connect you with a PR firm to manage your communications strategy with customers, employees and the media following a breach.
6. Your insurance may already include access to a breach coach
Many insurers offer clients access to a panel of approved breach coaches as part of their cyber insurance coverage. If you’re an existing MLT Aikins client, having us added to your insurer’s list of approved breach coaches can help ensure a quicker response in the event of a data breach. Our cybersecurity lawyers can also be retained as breach coaches in advance of an incident, allowing you to react quickly.
Cyberattacks are stressful events, to put it mildly. An experienced breach coach can serve as a steady hand at the wheel, making sure you are taking the necessary steps to respond to a breach and comply with your legal obligations. The lawyers in our Privacy, Data Protection & Cybersecurity practice group have served as breach coaches to clients across Canada. Contact us to learn more.
Note: This article is of a general nature only and is not exhaustive of all possible legal rights or remedies. In addition, laws may change over time and should be interpreted only in the context of particular circumstances such that these materials are not intended to be relied upon or taken as legal advice or opinion. Readers should consult a legal professional for specific advice in any particular situation.