Eric is a cybersecurity lawyer who helps clients with every aspect of cybersecurity compliance, including overcoming cyber incidents such as ransomware, data breach and business email compromise.
He brings a results-driven, big-picture perspective to incident response, ensuring that no time is wasted, tasks are appropriately prioritized, legal privilege is preserved, and the client's core constituencies are protected.
Eric routinely advises clients on complex cross-border incidents and liaises with federal, provincial and sectoral regulators in Canada and abroad. He has overseen national and international breach notification campaigns, all while minimizing brand impact whenever possible.
Eric also prepares clients, pre-breach, for cybersecurity incidents. He advises clients on their data practices, including collection, retention, destruction and mapping. He prepares client-specific incident response plans, evaluates cyber hygiene and conducts preparedness exercises, including attack simulation.
Eric regularly provides transactional advice regarding cyber and privacy risk. He has worked with clients in virtually every sector of the Canadian economy, including public, private, not-for-profit, energy, finance, insurance, education, healthcare, retail, technology, and professional service firms.
He is a certified information privacy professional (CIPP/C), with extensive knowledge of Canada's evolving privacy law landscape.
Eric is also a cyber insurance expert, and has represented insurers on some of Canada's largest cyber claims.
Experience
- Canadian engineering firm on complex ransomware attack, including notification to federal and provincial regulators and impacted individuals.
- North American retailer on complex data theft, including notification to Canadian, American and Mexican regulators and impacted individuals.
- Canadian university on complex ransomware attack, including notification to ministry and provincial regulators.
- Canadian investment dealer on business email compromise, including notification to regulators and individuals.
- Coverage counsel to numerous insurers on cyber insurance claims, including some of the largest in Canada's history.
- Canadian engineering firm on complex ransomware attack, including notification to federal and provincial regulators and impacted individuals.
- North American retailer on complex data theft, including notification to Canadian, American and Mexican regulators and impacted individuals.
- Canadian university on complex ransomware attack, including notification to ministry and provincial regulators.
- Canadian investment dealer on business email compromise, including notification to regulators and individuals.
- Coverage counsel to numerous insurers on cyber insurance claims, including some of the largest in Canada's history.
