• |

Sep. 16, 2015

Learning from the Target Data Breach About Effective Third-Party Risk Management  (Part One of Two)

  • Elizabeth Walker
    Cybersecurity Law Report
Companies and law firms are increasingly partnering with vendors and other third parties to outsource formerly in-house functions in order to reduce operating costs and increase focus on core businesses.  But, as Mintz Levin attorneys Cynthia Larose and Peter Day said during a recent webinar, the potential consequences of failing to adequately manage the risks associated with giving third parties access to highly confidential systems and information can be disastrous, as evidenced by the 2013 Target data breach.  In part one of our two-part article series, Larose and Day discuss lessons from Target’s breach and business and regulatory justifications for a strong third-party risk management (TPRM) program.  In part two, they will detail strategies for implementing and monitoring a TPRM program that protects companies’ data – and their clients’ and customers’ data – from third-party security breaches.  See “Designing and Implementing a Three-Step Cybersecurity Framework for Assessing and Vetting Third Parties (Part One of Two)” (Apr. 8, 2015); Part Two of Two (Apr. 22, 2015).

To read the full article

Continue reading your article with a CSLR subscription.

Most-Read Articles

Spotlight on Trailblazing Women

To mark International Women’s Day 2024, women editors and reporters of ION Analytics interviewed outstanding women in the industries and jurisdictions we cover. In this part, Jill Abitbol, Managing Editor of the Cybersecurity Law Report and Anti-Corruption Report, features notable women in data privacy, cybersecurity, white collar defense, compliance and anti-corruption law, including Christina Montgomery, Leslie Shanklin, Palmina Fava, Alexandra Ross and Lucinda Low. Enjoy reading their inspiring remarks here.

We Celebrate Data Privacy Day 2024

Read the full brief here.