Skip to content

Security – A Major Contracting Challenge

July 6, 2010

There are many who prefer to ignore the networked world. It creates all sorts of uncomfortable questions. But it won’t go away – and it is producing a growing number of challenges for anyone involved in contracting.

Most contracts today include a variety of clauses related to data protection, information security, disaster recovery; we look for undertakings, indemnities, confirmations of compliance.  Buyers struggle to decide the level and methods to employ related to ‘supplier assurance’. When does due diligence cross the line into specific instruction, and potentially reduce the supplier responsibility?

Global networks are far from secure. Indeed,one General Counsel that I spoke with recently questioned whether any company – or indeed any public sector entity – is actually compliant with either the law or its own undertakings. The Economist this week features a supplement on cybercrime which makes similar points. All today’s networks are highly vulnerbale to atttack and to espionage. Governments are well aware of this – and there has been a conspiracy of silence on the issue. (Although there are indications that this may soon be addressed – though it is likely to take years to reach consensus on how to best handle the topic.)

For those of us in contracting, we spend hours crafting clauses and negotiating terms which are mostly of limited honesty or meaning. Is this because we really don’t care, or because we are blissfully unaware of the truth? Companies simply cannot promise complete security of data or information management. It is an area of relative security and safety – and one in which we must become far more expert and knowledgeable.

  1. Once again Tim you hit on a very important issue through a lens of clear understanding related to the real risk and the real resolutions.

    Here is a link to an interview I did with author and Cyber Security expert Richard Stiennon whose book Surviving Cyber War provides some additional and important background information related to the points you had raised;

Trackbacks & Pingbacks

  1. Data Security: The Maginot Line of Contracting « Contracting Intelligence Blog
  2. Data Security: The Maginot Line of Contracting « Procurement Insights

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: