Learning from the Target Data Breach About Effective Third-Party Risk Management (Part Two of Two)

Third-party relationships are integral to companies of all sizes, and bring with them increasingly sophisticated cybersecurity risk, as highlighted by the Target data breach.  In our continued coverage of a recent third-party risk management webinar, Mintz Levin attorneys Cynthia Larose and Peter Day provide concrete strategies for implementing and monitoring a third-party risk management program that protects data from third-party security breaches.  In part one, they discussed lessons from Target’s breach, and business and regulatory justifications for a strong third-party risk management program.  See also “Designing and Implementing a Three-Step Cybersecurity Framework for Assessing and Vetting Third Parties (Part One of Two),” Cybersecurity Law Report, Vol. 1, No. 1 (Apr. 8, 2015); Part Two, Vol. 1, No. 2 (Apr. 22, 2015).

To read the full article

Continue reading your article with a CSLR subscription.