New cybersecurity laws like New York Department of Financial Services’ Cybersecurity Regulation reflect a larger cultural transformation in the way companies are treating vendor risk. This change is not only a necessary evolution in the way companies conduct business with each other, but also with their clients. C‑level leaders will have to make tough decisions early on to help set the tone given the ripple effect of their actions. In this guest article, Jessica Robinson, CEO of PurePoint International, provides five important considerations for C‑level leaders to keep in mind as they seek to manage vendor risk effectively in the current regulatory environment. See “The NYDFS’ Cybersecurity Regulation’s Third-Party Requirement and Beyond” (Mar. 6, 2019).