EY Canada teams up to launch cybersecurity crisis communications solution
Accounting, legal and communications firms to offer a unique, made-in-Canada solution
TORONTO, February 13, 2019 – In a first for the accounting profession in Canada, a member of the Big Four has teamed up with prominent firms in the legal and communications professions to offer a made-in-Canada crisis communications solution for cybersecurity breaches. Ernst & Young LLP (EY Canada), law firm Norton Rose Fulbright (NRF) in Canada, and Provident Communications Inc., announced this week that they had teamed together to provide enterprise clients with a single, fully integrated source for cybersecurity, legal and crisis communications expertise.
In addition to offering a complete suite of services in a range of cybersecurity crisis and compromised privacy scenarios, the three firms are leveraging their unique experience base to develop a strategic playbook to enable boards and management teams to confidently and strategically respond to an emerging data breach.
Wojtek Dabrowski, a managing partner at Provident Communications, told Canadian Accountant that “The playbook is a comprehensive guide for boards and senior executive teams on how to respond and manage a cybersecurity incident. It combines the legal knowledge of Norton Rose Fulbright in Canada, the technical expertise of EY Canada and the reputation management and crisis communications expertise of Provident. The playbook itself is a written guide customized for individual clients and it will be available both physically and as a digital document.”
The unique offering is a purely Canada-focused solution, bringing together the collective Canadian expertise of the three firms and targeting Canadian enterprises, according to Dabrowski. All large enterprises in Canada, regardless of industry, are vulnerable to cybersecurity threats. In fact, according to the 2019 EY CEO Imperative Study, national and corporate cybersecurity threats are seen as the greatest concern facing the world economy over the next 10 years.
Cybersecurity Risks in Canada
According to the Office of the Privacy Commissioner of Canada, more than 28 million Canadians were affected by a data breach between November 2018 and November 2019. At the same time, the EY Global Information Security Survey found that 77% of companies globally are operating with only limited cybersecurity and resilience.
With data breaches on the rise, the stakes couldn’t be higher: A 2019 study conducted by the Ponemon Institute and sponsored by IBM found the average cost of a data breach in Canada is $4.4 million, making it the fourth most costly location for a cyberattack in the world. “The volume, variety and sophistication of cyberattacks are growing daily,” says Yogen Appalraju, EY Canada Cybersecurity Leader.
“At the same time, new regulatory and compliance obligations and other stakeholder expectations have introduced additional complexity that impacts the ability of organizations to rapidly respond to threats. Our combined cybersecurity, legal and communications offering will enable companies to be better aligned and respond with more speed and effectiveness during a crisis."
How will the new product fit in with EY Canada’s overall cybersecurity services? “We’re focused on supporting our clients throughout the entire cyber threat lifecycle: from preparedness and response, to recovery and review of how to improve to prevent future incidents,” Appalraju told Canadian Accountant.
“This new collaboration will take our commitment to providing our clients with the best possible service one step further by offering on-demand legal aid and communications strategy support with NRF and Provident. Ensuring the appropriate legal, risk management and public relations protocols are available is critical to addressing cyber incidents effectively and maintaining trust with all stakeholders in the wake of a crisis.”
A Unique Partnership and Offering
Norton Rose Fulbright is a global law firm providing the world’s preeminent corporations and financial institutions with a full business law service. Provident Communications Inc. is a Toronto-based strategic communications agency with national and global reach.
“This is a new service offering provided by EY and, that we’re aware of, in Canada,” says Appalraju. “Collaborating with Provident and NRF, in particular, ensures we’re providing a fully-integrated service that touches on all critical elements needed to respond quickly and effectively to cybersecurity threats and potential crises — helping organizations balance the need to mitigate damage, while proactively communicating to stakeholders and complying with regulatory obligations.”
Walied Soliman, partner and Canadian chair of Norton Rose Fulbright, says, “While a number of Canadian organizations are world leaders when it comes to investing in IT security infrastructure, many remain unprepared to effectively manage an incident when those defences fail and sensitive customer data is compromised. Our strategic playbook will empower boards and executive leadership teams to anticipate, identify and proactively address potential gaps in their planning, thereby ensuring that they have a clear action plan in place for when a crisis strikes.”
Colin Ellis is managing editor of Canadian Accountant. With files from Provident Communications. Image by cristianrodri17 from Pixabay.