LEGAL NEWS
in the event of a cybersecurity attack may help a business minimize its business losses.
Vendor Management Do you have a vendor management
process and contract review that addresses vendor data security, indemnity and breach response? Vendors unknowingly may be an
avenue for cybercriminals to attack a business by failing to implement robust security practices, regular training or access controls. Sloppy contracts may leave you “holding the bag” while your vendor escapes responsibility for the costs that a data breach caused by their lax security practices is imposed on you. Consider contractually requiring vendors to comply with specified data security standards, bearing the cost of a data breach or cyberattack that their conduct permits, and/or requiring a vendor to provide proof of cyber liability insurance.
Training Have you had any employee training
for a cyber incident? Businesses should keep in mind
that often their greatest vulnerability is their employees. Password and other credential-sharing has been identified as the initial source of most cyberattacks involving access to company networks. Routinely training (and testing) employees on the importance of strong passwords and the risks of sharing credentials and opening phishing emails, and what to do when they suspect such an incident has occurred, can dramatically improve a company’s cybersecurity. Tere are numerous resources
available for businesses to assist in improving their cybersecurity programs. One is the National Institute of Standards and Technology Cyberse- curity Framework, which is a tool for organizations to self-assess their level
of preparedness to prevent, detect and respond to cyberattacks, then outline a plan to improve security processes. Other resources include InfraGard, a non-profit organization that promotes information sharing between private- sector companies, among others.
Accuracy of Representations Have you made representations
about your data and cybersecurity on your website or in contracts, and if so, have you recently confirmed they are consistent with your current practices? Te FTC rigorously pursues actions
against companies that make represen- tations about the security of its data and then fail to live up to those promises. Be sure the public-facing representations your company makes about its cyberse- curity and privacy practices are accurate, and regularly assess such representa- tions for consistency with your actual practices.
Continued on page 20
Expert Craftsmanship and a Relationship You Can Count On.
Cement Masons Locals 500 & 600 signatory contractors are among the highest profile, reputable and successful firms in Southern California. Our workforce represents the most highly trained and competent craftspeople in the concrete industry. Our relationship together can assist in your company’s value and growth. If that doesn’t convince you, maybe this will.
We help level your playing field with:
Your workforce is trained in:
Contact us and we will show you how we have assisted others like you to create growth and
Southern California Cement Masons LMCC
www.AGC-CA.org
Associated General Contractors of California 19
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24
