Choose Site
TECHNOLOGY, OUTSOURCING, AND COMMERCIAL TRANSACTIONS
NEWS FOR LAWYERS AND SOURCING PROFESSIONALS
Contract Corner
On June 4, 2021, the European Commission adopted its long-anticipated updated Standard Contractual Clauses (New SCCs) for use by organizations transferring personal data outside of the European Economic Area (EEA) to third countries that do not provide adequate protections in respect of personal data. For more information, read our June 10 LawFlash, New European Standard Contractual Clauses Adopted for International Data Transfers. In this post we look at some of the things that organizations will need to consider when updating their current standard contractual clauses (SCCs).
The United Kingdom’s Department for Digital, Culture, Media & Sport (DCMS) is requesting views on supply chain cybersecurity, which it will look to incorporate into its new National Cyber Security Strategy.

A common concern of parties involved in technology transactions is the potential high costs incurred in the event of a data breach. In an attempt to establish the legitimacy of the amounts one can actually expect to face, the Ponemon Institute, considered the preeminent research center dedicated to privacy, data protection, and information security policy, published the Cost of a Data Breach Report setting forth a vast data set that analyzed data breaches at over 500 organizations to spot trends and developments in security risks and best practices.

As discussed in a post from earlier this week, President Joseph Biden issued an executive order on May 12, 2021 to improve the nation’s cybersecurity. The White House has put its proverbial money where its mouth is by proposing a $58.4 billion information technology spending plan that includes $9.8 billion specifically earmarked for civilian government cybersecurity measures as well as an expedited push towards SaaS and cloud services solutions.

As many of our readers are aware, President Joseph Biden issued an executive order on May 12 to improve the nation’s cybersecurity. While much of the executive order focuses on strengthening the federal government’s networks from cybersecurity threats, “[t]he private sector must adapt to the continuously changing threat environment, ensure its products are built and operate securely, and partner with the Federal Government to foster a more secure cyberspace.”
Last week, we posted on the guidance issued by the US Department of Labor (DOL) for plan sponsors, plan fiduciaries, recordkeepers, and plan participants on cybersecurity best practices. Last week’s post focused on the guidance provided for hiring a service provider. In this week’s post, we will highlight some the DOL’s cybersecurity program best practices for use by recordkeepers and other service providers responsible for plan-related IT systems and data.
The US Department of Labor (DOL) recently announced guidance for plan sponsors, plan fiduciaries, recordkeepers and plan participants on cybersecurity best practices. The guidance focuses on three areas: (1) tips for hiring a service provider; (2) cybersecurity program best practices; and (3) online security tips. In this post, we will focus on the DOL’s tips for plan sponsors and plan fiduciaries in selecting a service provider.
As part of its five-year, £1.9 billion ($2.65 million) national cybersecurity strategy, the UK government on February 9 announced the launch of the UK Cyber Security Council (Council), a new independent body to support career opportunities and set professional standards for the UK’s cybersecurity sector. The Council will be formally launched on March 31, 2021.
Spotlight
Welcome to the second post in our Spotlight series, where we talk with a leader in a particular field or emerging area of interest to technology and sourcing lawyers and professionals.
Contract Corner
Cybersecurity has earned its place at the top of organizations’ risk concerns during the COVID-19 pandemic. Remote working, an array of communication solutions and hardware being used by organizations, and the accelerated leveraging of cloud-based outsourcing solutions have increased the chain of potential vulnerabilities to cyberattacks.