Your Cybersecurity Is Only as Good as Your Vendors'
Law departments fret about their outside firms. But what about all those other vendors? How secure is their data?
By Sherry KarabinMarch 28, 2014
Thank you for sharing!
Your article was successfully shared with the contacts you provided.
As the number of cybersecurity breaches continues to rise, The New York Times is reporting that major corporations are requiring their law firms to increase security and then prove they did so.
Aditi Mukherji on FindLaw’s Free Enterprise suggests that small business owners should consider adopting this same tactic, especially with vendors. Mukherji reminds everyone the Target hackers breached the chain’s security systems by using electronic credentials stolen from a vendor, adding such breaches also put the company and owner at risk for legal liability.
Requiring a vendor to show proof of cybersecurity is one way to hold the vendor accountable, says Mukherji, as well as ensuring reliability and consistency in overall online security efforts.
Here are some practices Mukherji says must be addressed immediately:
Distribution: Be sure the vendor isn’t putting sensitive files on portable thumb drives or emailing documents to unsecure iPads.
Networks: Find out if vendor computers are linked to a shared network in countries like China or Russia, where hacking is prevalent.
Access: Determine how many people have access to sensitive information; the greater the number, the bigger the risk.
Proof of vendor cybersecurity should be one facet of a larger security plan that extends to other business relations, Mukherji advises.
In the Goulston & Storrs 2017 General Counsel Survey, fifteen percent of GCs or in-house counsel say they have the most difficulty identifying exposures, and this emerging risk is reshaping their role.
As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters.
Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss.
Tailored just for you. In your inbox. Every day.