How to prevail when technology fails - Flipbook - Page 7
Executive summary | 7
3
4
Monitor risks across the
entire technology lifecycle
You’re only as strong as your
weakest third party
It is imperative to assess technology risk not just
when developing new products or forming new
partnerships, but also on an ongoing basis.
Even if businesses take every necessary
precautionary measure to mitigate technology
risks, they may still be vulnerable if their suppliers,
partners or acquired businesses have not done the
same. So you should assess the mitigation steps
taken by third parties.
Take artificial intelligence technology. Depending
on the circumstances, companies need to check for
biases not just when they purchase or develop this
technology, but also on an ongoing basis to ensure
that no biases emerge when it is being used.
The same is true of partnerships. Legal teams
should assess risk associated with a technology
joint venture not just before it is agreed, but also
for the duration of the partnership to identify any
risks that materialize and ensure that contracts are
adhered to.
Our survey data reveals that many businesses
are not doing this enough. Despite the numerous
instances of data breaches stemming from
compromised third-party systems, two-thirds of
businesses assess only a small number of their
suppliers’ cybersecurity credentials.
And despite the increasingly complex risks
of acquiring and partnering with technology
companies, only the minority of businesses have
increased the amount of time they spend analyzing
risks during due diligence.
You will never be immune from technology failure. But by
following these four principles, you will be well prepared to
mitigate the legal risks if the worst should happen.
We hope you enjoy reading this report. Do let us know if
you have any comments or feedback.