Software Maker Liability Is Elusive Target of US Cyber Plan (1)

President Joe Biden’s push to put software vendors on the hook for cyberattacks is a significant strategy shift for an industry that has largely escaped legal liability after high-profile hacks.

Data breach victims typically focus lawsuits against the primary party responsible for their personal information, and most cybersecurity software vendors are able to minimize any liability through contractual clauses, attorneys say.

Biden, in a new national cybersecurity strategy issued Thursday, proposed federal legislation that would limit contract protections and raise security standards for vendors operating in high-risk areas like critical infrastructure.

The White House didn’t propose any specific provisions for ...