GC Requires Outside Law Firms to Encrypt Communications

CybersecurityThe general counsel of Marsh & McLennan Companies has started requiring the company’s biggest outside law firms to use an anti-hacking electronic communication technology known as Transport Layer Security, according to a report from Bloomberg Law.

The report quotes Peter Beshar: “What we have done here is gone out to 12 or so of the biggest law firms on the most sensitive matters and insisted, ‘You can’t communicate with us other than through TLS,’ and everyone has signed up by it.”

Beshar identified three of the firms are Cravath, Swaine & Moore, Davis Polk & Wardwell and Gibson Dunn & Crutcher.

TLS prevents any unauthorized senders or recipients from entering and intercepting communication — protecting “data in transit” from being hacked, explains reporter Casey Sullivan.

Read the Bloomberg article.

 

Join Our LinkedIn Group

 

 




Contract Terms Associated with Data Breaches – It’s a Balancing Act

Information securityCompanies’ increased awareness of the substantial costs and exposure associated with data breaches has motivated them to beef up their data security requirements in vendor contracts, write Emily R. Lowe and Susan Milyavsky of Morgan Lewis & Bockius in an article posted on Lexology.com.  They write that companies should consider some basic issues that frequently arise when negotiating data security provisions.

“Because customers want the maximum protection, vendors should carefully consider how broad a requested representation is. It’s a balancing act, because vendors need to be able to be able to provide certain security controls to win business, but they also need to also understand the difference between providing an adequate degree of protection for their customers and an insurance policy,” the authors explain.

And cyber-liability insurance may be a mechanism for a company to mitigate its exposure with respect to damages associated with security breaches.

Read the article.