Posts in Corporate & Transactional
Practical Tips on Mitigating Legal Risks from Ransomware Attacks on Technology Vendors

Ransomware is no longer just an IT problem—it is a contract problem hiding in plain sight. As high-profile incidents like the attacks on Kronos, Change Healthcare, and CDK Global demonstrate, when a critical vendor goes down, the resulting disruption cascades through payroll, HR, and core operations, exposing customers not only to business interruption but also to regulatory penalties, employee claims, and reputational harm. Yet many companies discover too late that their vendor agreements were drafted for yesterday’s “data breach,” not today’s system-crippling ransomware event.

This advisory reframes ransomware as a risk allocation failure—and a fixable one. By dissecting where traditional definitions, liability caps, and insurance provisions fall short, it offers a practical roadmap for shifting exposure back where it belongs: onto the vendors best positioned to manage it. The message is straightforward but urgent: unless contracts evolve as quickly as cyber threats, companies will continue to bear losses they thought they had already outsourced.

Download the advisory here.

Cybersecurity & Data Risk, Corporate & TransactionalCarl Baranowskiransomware, cybersecurity law, vendor risk, SaaS risk, data breach, contract drafting, indemnity clauses, GDPR, CCPA, enterprise risk management
The Algorithmic Principal – Navigating the AI Liability Gap in Commercial Transactions and Agency Law

Autonomous “agentic” AI systems challenge traditional doctrines of agency, contract, and corporate governance. As AI tools increasingly execute financial and procurement decisions, existing legal frameworks struggle to allocate responsibility when algorithmic actions cause harm. This white paper analyzes the emerging AI liability gap and outlines practical governance and risk management considerations for enterprises deploying autonomous systems. Download it here.

Artificial Intelligence, Corporate & Transactional, Emerging Technology LawCarl BaranowskiAI law, agentic AI, liability gap, electronic personhood, agency law, commercial contracts, corporate governance, AI risk, fintech law, procurement risk