Article
What Counsel Should Ask Before Relying On A Vendor’s Cybersecurity Evidence – SAV Associates Guide
In-house counsels are increasingly asked to rely on cybersecurity evidence that was not written for lawyers. A vendor may provide a SOC 2 report, ISO 27001 certificate, penetration test summary, cyber insurance certificate, or completed security questionnaire. The document may look reassuring. The harder question is whether it actually answers the risk question in front of the business.
SAV Associates