This resource from NASCIO addresses steps state governments should take to ensure cybersecurity is a key part of the acquisition process, calling for a collaborative effort between the CIO office, CISO office, state agencies and the private sector.
Buyer Be Aware: Integrating Cybersecurity into the Acquisition Process

CDPO, CDPO/BR, CDPO/FR, CIPM, CIPP/A, CIPP/C, CIPP/E, CIPP/G, CIPP/US, CIPT, LGPD
Credits: 2
Related Stories
Privacy in M&A transactions: The playbook
Mergers and acquisitions has been central to us for a long time. Given our group emphasis on the importance of privacy in data-centric transactions, consideration of data protection and other associated issues in an M&A context is essential. This playbook aims to address this need by consolidating o...
Incorporating Privacy & Cyber Risk Assessments into Mergers & Acquisition
Original broadcast date: June 2, 2021
This session explained how privacy and cybersecurity liability may arise in a deal involving the transfer of data assets or where revenue forecasts may be based on the monetisation of data sets or a business model which fails to meet baseline regulatory requir...
How a 'Technical Expert' factors into the Google-Fitbit acquisition
Last November, Google acquired Fitbit for $2.1 billion and before the ink could dry on the dotted line, regulators and advocates began to cast their eyes toward potential privacy and antitrust issues.
Google sought to assuage these concerns in Europe by bringing forth a package to the European Comm...
OneTrust announces acquisition of Integris Software
OneTrust CEO Kabir Barday, CIPP/E, CIPP/US, CIPM, CIPT, FIP, and Integris Software Founder and CEO Kristina Bergman were having similar conversations with their customers at the same time. The tech vendors' customers wanted them to expand their offerings with what the other was providing.
Bergman s...
IAPP-EY Professionalizing Organizational AI Governance Report – Executive Summary
This report on organizational AI governance focuses on the internal guidelines and practices organizations follow to ensure responsible development, deployment or use of AI....