Our Website Uses Cookies 


We and the third parties that provide content, functionality, or business services on our website may use cookies to collect information about your browsing activities in order to provide you with more relevant content and promotional materials, on and off the website, and help us understand your interests and improve the website.


For more information, please contact us or consult our Privacy Notice.

Your binder contains too many pages, the maximum is 40.

We are unable to add this page to your binder, please try again later.

This page has been added to your binder.

Designing and Implementing a Three-Step Cybersecurity Framework for Assessing and Vetting Third Parties

April 8, 2015, The Cybersecurity Law Report

Covington's David Fagan is quoted regarding cybersecurity:

"Companies 'should have a process in place to categorize vendors in terms of levels of risk and then they should apply assessment from that basis,' Fagan said. The first step should be to 'assign a risk classification to them. And that should track to what kind of assessment you provide.'"

Share this article: