Brian Kint discusses the response of corporate legal departments to the SolarWinds Corp. supply-chain attack in Bloomberg Law. As a result of the attack, many companies are reviewing contracts with third-party vendors to ensure that industry security standards and indemnification provisions are met.
“This incident will have us rethinking contracts,” Brian said. “If contracts don’t already have risk-shifting in them, you’re going to see that more and more.”
As part of the review, companies are ensuring that contracts that include security audits and include indemnification provisions that shift potential costs in the event of a breach from one party to another. Brian also notes that, “Businesses and their in-house counsel should look at vendors’ incident history and ask them about their software patching process and the robustness of their security teams.
To read the full article, click here. (subscription required)