In her CSO Magazine article discussing “Cybersecurity in the Supply Chain: Strategies for Managing Fourth-Party Risks,” Contributing Writer Linda Rosencrance asked CM Law Partner & Technology Practice Chair Reiko Feaver about strategies CSOs can implement to address the potential cybersecurity risks to their supply chain posed by fourth-party providers.
She notes that third-party vendors are a well-known risk, but that fourth-party vendors have become a serious supply chain cybersecurity blind spot. Unlike third parties who have direct contractual relationships, fourth parties – the suppliers that vendors rely on – often operate in the shadows.
Reiko explains that sharing any confidential information – whether directly or passed down to contractors, agents, or representatives – should be governed by strong confidentiality obligations, as the direct supplier is responsible for protecting its own proprietary information and that of its vendors.
“I can’t see how it’s reasonable for the direct vendor to withhold these relationships from its customers,” Feaver says. “It would be up to the direct vendor to protect that information vis-à-vis its customer. It is common to restrict disclosures of certain types of proprietary information from disclosure to or use by competitors. Of course, the more confidential information is gathered, the more risk of a violation of confidentiality obligations and associated liability.”
Read the full article here
CM Law PLLC (cm.law) – formerly Culhane Meadows PLLC – is the largest full-service business law firm in the nation that is both women-owned and managed (WBE). Designed to provide experienced attorneys with an optimal way to practice sophisticated law while maintaining a superior work/life balance, the firm offers fully remote work options, a transparent, merit and math-based compensation structure, and a collaborative culture. Serving a diverse clientele—from individuals and small businesses to over 40 Fortune-ranked companies—CM Law is committed to delivering exceptional legal services across a broad spectrum of industries.
The foregoing content is for informational purposes only and should not be relied upon as legal advice. Federal, state, and local laws can change rapidly and, therefore, this content may become obsolete or outdated. Please consult with an attorney of your choice to ensure you obtain the most current and accurate counsel about your particular situation.
