Click here to watch the video.

Is my firm required to have a vendor cybersecurity due diligence policy?

While firms are not expressly required to have written policies and procedures in place for vetting vendors on cybersecurity, the best way to mitigate risk is to develop and follow a written vendor cybersecurity diligence policy. In this SRZ FAQ video, partner Edward Sadtler discusses why it is important to implement policies and procedures in relation to third-party vendors.