Canadian HR Reporter is the national journal of human resource management. It features the latest workplace news, HR best practices, employment law commentary and tools and tips for employers to get the most out of their workforce.
Issue link: https://digital.hrreporter.com/i/1017611
CANADIAN HR REPORTER SEPTEMBER 2018 NEWS 7 Boards of directors play important role maintaining cyber resilience: Survey Cross-organizational training, HR also key components of proper strategy BY JOHN DUJAY BOARDS of directors can pro- vide significant aid in helping or- ganizations become more cyber resilient, according to a global survey. "It's important for companies to understand that achieving cy- ber resiliency is a company-wide imperative, one that shouldn't be sequestered to certain roles or functions," said Anthony Agos- tino, global head of cyber risk at Willis Towers Watson in New York, which sponsored the survey. "Boards should emphasize the need for a strategic framework, and the C-suite should set the tone within their organizations by empowering stakeholders, such as IT, risk, HR, legal and compliance, to drive an integrat- ed risk management and resil- iency strategy." It's critically important — in the past year, about one-third of the organizations experienced a "seri- ous cyber incident" that disrupted operations, found the survey of 452 board members, including 50 in Canada and 100 in the United States, by the Economist Intelli- gence Unit (EIU). However, only 13 per cent rated themselves as "well above average" in terms of learning from these types of incidents. What is cyber resilience? Most large companies already have extensive cybersecurity in place, but it's the ability to bounce back and continue regular opera- tions that makes all the difference, according to Rachael Bryson, se- nior research associate in national security and public safety at the Conference Board of Canada in Ottawa, which published the study Building Cyber Resilience in July. "It's an organization's ability to limit the impact of cyber disrup- tion, maintain critical functions and rapidly re-establish normal operations, following cyber inci- dents," she said. "There are critical functions that must be maintained. And the difference between just kind of surviving some sort of a cyber incident, and then being able to actually return the business op- erations, and possibly learn from it and become better, is rapidly re- establishing normal operations; there seems to be a strong cor- relation between the speed with which normalcy is achieved and the actual success in coming out of the cyber incident." "The acknowledgement that something could happen because hackers are actively targeting you is merged over to this aware- ness that everybody has a certain amount of vulnerability because we cannot know all of the system flaws out there until they're ex- posed in one way or another," said Bryson. But while a lot more companies are aware of the need for strong resilience, "not everybody is doing it and not everyone understands exactly how you can go about starting," she said. While awareness could be bet- ter, recent events profiled in the media are making a difference, said Rahul Bhardwaj, president and CEO of the Institute of Corporate Directors (ICD) in Toronto. "Cybersecurity risk has be- come prominent in the minds of directors more than ever before," he said. "Incidents such as the Cambridge Analytica and Equi- fax security breaches helped to increase awareness." In April, an ICD survey found 42 per cent of respondents identi- fied cyber risk or security of infor- mation as their number-one con- cern — double the number who cited changing regulations and disruptive technology, and triple the number who cited global eco- nomic instability as their number- one concern. e right questions In executing a cyber-resilience strategy, it behooves boards of di- rectors to not remain high above the fray, but rather ask tough questions of the C-suite, accord- ing to Patricia Kosseim, counsel in privacy and data management at Osler in Ottawa. "A question for the board that is important to ask is 'What level of resources does the organiza- tion dedicate to technical secu- rity, the physical hardware and software?' But also, it's important for the board to make sure that it asks questions about whether or not management feels it has the necessary technical skills or capacity to deal with the evolv- ing cybersecurity landscape," she said. PROACTIVE > pg. 20 To order your subscription call 1.800.387.5164 or 416.609.3800 www.payroll-reporter.com/subscribe Canadian Payroll Reporter is designed to keep you up to date on legislation, regulations, court decisions, technology advances and other developments that affect payroll departments. With the help of Canadian Payroll Reporter you will be able to prioritize your needs and invest in options that optimize your resources. Discover the latest policies and initiatives of the CRA, and how to apply them to your workplace. Receive timely information on pension reform, tax changes, parental leave and other requirements that affect the payroll function. PROVEN METHODOLOGY, PROFOUND IMPACT AND SUSTAINABLE RESULTS Access a sample issue now at: bitly.com/CPR-FreePreview-16 Subscribe today for only $99 * Order No. 20186-18-64768 Save $86 Payroll Reporter Can R Can R adian adian a www.payroll-reporter.com September 2016 see BRITISH COLUMBIA page 7 PM #40065782 Legislative Roundup Changes in payroll laws and regulations from across Canada News in Brief pg. 4 Feds still working to fi x Phoenix payroll problems|B.C. Tax Commission to issue report in October|Little change in average weekly earnings in May Ask an expert pg. 5 Reporting fake SINs|Successor employers and vacation entitlement |Maintaining benefi ts while on leave Alberta Reminder: Minimum wage rates going up The general minimum wage rate in Alberta will rise from $11.20 an hour to $12.20 on Oct. 1. The rate will now apply to liquor servers since the government is eliminating a separate minimum wage rate for them on Oct. 1. Other minimum wage rates are also going up at the beginning of October. The rate for certain salespersons specified in provincial regulations will rise from $446.00 per week to $486.00. The rate for domestic employees who live in their employer's residence will in- crease from $2,127 per month to $2,316. Labour Minister Christina Gray says the government will keep an see CONSIDER on page 6 Credit: Adwo/Shutterstock New folio pg. 3 The CRA has retired its Employee Fringe Benefi ts Employer Interpretation Bulletin and replaced it with a new Income Tax Folio chapter. Advocacy leads to changes Canadian Payroll Association works with government to ensure payroll's voice is heard BY SHEILA BRAWN CODES NOW replace footnotes on the T4. There are now higher thresholds for Can- ada Revenue Agency (CRA) and Revenu Québec accelerated remitters. There are now graduated penalties for late remittanc- es. The timeframe for issuing electronic ROEs now better aligns with pay cycles. These are just some of the changes the Canadian Payroll Association (CPA) has successfully advocated for governments to make in recent years. From source deduc- tions to year-end reporting to employment standards and workers' compensation, CPA president and CEO Patrick Culhane says the association regularly works with government officials and civil servants to make payroll-related laws more efficient and effective for employers, government, employees and the general public. "Advocacy is important to us," says Culhane. "Our core purpose is payroll compliance through education and see GRADUATED page 2 Payroll technology changes don't have to cause headaches Research, well-defi ned plan and stakeholder inclusion help transition BY KIM GROOME BECAUSE PAYROLL plays such a critical role, it can be easy to jus- tify keeping your existing solution even when it means managing work-arounds, manual processes and maintaining external spread- sheets. In spite of this, to provide the best possible experience for em- ployees and to make a more strategic impact in your organization, The Canada Revenue Agency in Ottawa has worked with the Canadian Payroll Association through the years in making changes to payroll-related laws. Start your subscription and receive: • 12 issues of Canadian Payroll Reporter • Full access to www.payroll-reporter.com (including a searchable archive of articles) • Email alerts to keep subscribers up-to-date on breaking news and notifications of new issues TAKE ADVANTAGE OF OUR SPECIAL INTRODUCTORY OFFER *Available to first-time subscribers only