• |

May 14, 2025

“Everyone Wants to Speak to the CISO” and Other Realities of Addressing Vendor Breaches

  • Matt Fleischer-Black
    Cybersecurity Law Report
Breaches at technology vendors are distressingly common. A recent study of 2000 top-ranked companies revealed that 80 percent of them used multiple vendors that suffered a breach. Vendor and supply chain cyber incidents pose many challenges, but common practices have emerged for navigating third-party breaches in recent years. This article examines practical goals for vendors’ breach communications in the first 72 hours and beyond, as well as handling notifications and recommended contract provisions, with insights from experts at Cooley, FTI Consulting, Holland & Knight, Morgan Lewis and Ropes & Gray. See “Ransomware and Incident Response Considerations for Global Companies” (Nov. 29, 2023).

To read the full article

Continue reading your article with a CSLR subscription.

Most-Read Articles

Women to Watch: Contributions, Achievements and Observations of Outstanding Female Professionals

To mark International Women’s Day, women editors and reporters at ION Analytics interviewed outstanding women in the industries and jurisdictions we cover. In this part, Law Report Group editors Jill Abitbol, Robin L. Barton and Megan Zwiebel profile notable women in data privacy, cybersecurity, private funds and anti-corruption law, including Anne-Gabrielle Haie, Jessica Lee, Micaela McMurrough, Laura Perkins, Amanda Raad, Madelyn Calabrese, Ranah Esmaili and Genna Garver. Enjoy reading their inspiring remarks here.

Celebrating Data Privacy Day 2025

Read the full brief here.

Cybersecurity Awareness Month

Read the full brief here.