Security liability

Cloud Services University Forums Security Security liability

Viewing 2 posts - 1 through 2 (of 2 total)
  • Contributor
  • #17124 votes: 0
    Barry B

    What is my potential liability if I recommend a Security solution provider to a client who is breached after implementing the solution the provider sells them? Is there a “cyber breach” liability insurance policy that covers me for just such a scenario?

    #17143 votes: 0
    Ivan P

    @barrybazen – This is a good question. The short answer to it is no. I will explain further.

    The SLA between the end user and the supplier is agreed upon prior to the execution of the contract. It would state what action(s) and or safeguards are available to each party if a breach was detected post installation. (Note: often a network might be infected prior to the execution of the contract, so there are many variables here…)

    There is cybersecurity insurance, but it normally uses post the breach for remediation, forensic, customer notification and alike services.

    Cybersecurity is different to each entity, many organizations have compliances, (HIPAA, NIST, PCI) some are state-regulated, (GDPR, NYSDFS). Some private companies like Target, Home Depot, and Sony, for example, will not do business with a third party unless they can prove cyber awareness. Therefore security is required.

    What I have experienced in the past is that having a Managed Service installed correctly can identify, defend and if necessary, remediate many types of infiltration. (No security service I am aware of is full proof.)


Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.