IT GovernanceRisk Management

IT Service Providers and Customers Battle Over Data Breaches

When data breaches occur, it’s not just the business’ problem: it’s the IT service provider’s as well. In the past, IT was willing to take the liability, but with an ever expanding customer list and possibility of huge financial loss for IT, service providers began pushing back, namely by limiting their liability via contract negotiation with outsourcing customers. According to this article from, that was just the beginning of the hard line stances: soon the outsourcing customers began to make their own demands. As Chris Ford ( chair of the global sourcing group at the law firm Morrison & Foerster) is quotes in the article: IT service buyers are also coming to the table with detailed risk profile assessments that put a real dollar figure on potential data breaches. “Customers are looking at this issue as hard as the service providers and saying, ‘I’m handing my data over to you. You’re in control of my data. If something goes wrong you need to take responsibility,'” Ford said. Now the two — IT service providers and outsourcing customers — often find themselves at the negotiation table unwilling to shake hands until each establishes just who is liable (and for how much) .  Instead of coming closer to an understanding of responsibility, it seems that IT service providers and IT service buyers are moving further apart, leaving big questions on who will take responsibility for data breaches, and just who foots the bill.

Show More

Leave a Reply


We use cookies on our website

We use cookies to give you the best user experience. Please confirm, if you accept our tracking cookies. You can also decline the tracking, so you can continue to visit our website without any data sent to third party services.