(S07) (RESILIENCE) Legal Strategies Cybercriminals Fear – Cross-Methods France–Quebec
Tuesday, October 14, 2025 4:15 PM to 4:45 PM · 30 min. (Canada/Eastern)
Information
Time is running out: in 2024, a cyberattack hits an organization every 11 seconds worldwide. The average cost of a data breach now reaches $4.88M according to IBM, but this figure hides the real threat: 60% of SMEs hit by a major cyberattack shut down within six months.
Beyond ransom payments, indirect costs are devastating—loss of customer trust, operational paralysis, and fines of up to 4% of annual revenue. The shockwave goes far beyond the initial incident.
With the industrialization of cybercrime (Ransomware-as-a-Service, malicious AI), technical defenses alone are no longer enough. Cybercriminals exploit both code and law, manipulating notification obligations to maximize pressure.
Fight back with their own weapons: the law can become your most effective shield. This France–Quebec joint session will reveal concrete legal strategies to:
Prepare for notification obligations (CNIL/NIS2 in France, Law 25/PIPEDA in Quebec);
Avoid contractual blind spots in liability and security;
Place forensic investigations under legal privilege to limit judicial exposure;
Understand the legal constraints and sanctions around ransom payments;
Effectively mobilize relevant authorities (ANSSI, CNIL, CAI, SQ/RCMP, CCCS);
Seek recourse after an incident (liability, compensation, civil action).
A strategic and operational insight that could save your organization.
Beyond ransom payments, indirect costs are devastating—loss of customer trust, operational paralysis, and fines of up to 4% of annual revenue. The shockwave goes far beyond the initial incident.
With the industrialization of cybercrime (Ransomware-as-a-Service, malicious AI), technical defenses alone are no longer enough. Cybercriminals exploit both code and law, manipulating notification obligations to maximize pressure.
Fight back with their own weapons: the law can become your most effective shield. This France–Quebec joint session will reveal concrete legal strategies to:
Prepare for notification obligations (CNIL/NIS2 in France, Law 25/PIPEDA in Quebec);
Avoid contractual blind spots in liability and security;
Place forensic investigations under legal privilege to limit judicial exposure;
Understand the legal constraints and sanctions around ransom payments;
Effectively mobilize relevant authorities (ANSSI, CNIL, CAI, SQ/RCMP, CCCS);
Seek recourse after an incident (liability, compensation, civil action).
A strategic and operational insight that could save your organization.
Type
Session
Stage
Resilience Stage
Registered attendees
Cameron WRIGHT
Head of Aviation CybersecurityIATA