American Bar Association offers 'checklist' for mitigating vendor cyber risks

Recent high-profile data breaches underscore the cybersecurity risks from vendors and third-parties and that data security “is only as strong as the weakest link,” according to the American Bar Association in announcing the release of its recommendations for addressing information-security requirements in procurement contracts.

The ABA's “Vendor Contracting Project: Cybersecurity Checklist” provides a three-step process for managing vendor risks. The ABA offers advice on: “Conducting a risk management assessment of the proposed vendors, to identify relevant threats to security;...