News & Analysis as of

Compliance Chief Information Security Officer (CISO)

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to individual and widespread instances of regulatory violations. In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs.

Gardner Law

Privacy Summer School – “Back to School” Recap

This summer, Paul Rothermel presented a three-part webinar series “Privacy Summer School” covering key privacy topics. These programs, drawing on Paul’s deep privacy experience, covered key areas of compliance and risk as...

Health Care Compliance Association (HCCA)

[Webinar] The Metrics of Selecting Effective Metrics - September 11th, 12:00 pm - 1:30 pm CT

Learning Objectives: - Assess and identify how to select metrics that matter in measuring the effectiveness and progress of a compliance program - Align metrics with regulatory requirements and how they apply to one's...

HaystackID

[Webcast Transcript] CFIUS Reviews: Strategies for Ensuring Compliance and Strategizing on Foreign Investments

Editor’s Note: During a recent HaystackID webcast, expert panelists explored the role of the Committee on Foreign Investment in the United States (CFIUS) in protecting sensitive technologies, classified contracts, and other...

KPMG Board Leadership Center (BLC)

Board oversight of GenAI

Like few topics before it, generative artificial intelligence (GenAI) has dominated discussions in many C-suites over the last year. Boards are playing a crucial role in both encouraging management to accelerate the pace of...

BakerHostetler

Are You Ready for It? NYDFS Annual Cybersecurity Certification Deadline April 15

The New York State Department of Financial Services (NYDFS) amended its cybersecurity regulation, 23 NYCRR 500 (or Part 500), effective Nov. 1, 2023, which we wrote about here. Covered entities must still certify compliance...

NAVEX

Compliance Made Easy: Using Automation, AI and Seamless Integrations

You’re probably hearing and reading a lot of information about artificial intelligence (AI) these days – and for good reason too. The advent of widely accessible natural language processing software, like ChatGPT, changed the...

Health Care Compliance Association (HCCA)

As AI-Assisted Research Advances, Experts Share Worries, Oversight Strategies; Collaboration Urged

At Cornell University, institutional review board (IRB) members meet with the chief information security officer and a liaison to the general counsel’s office. Their regular attendance has been “really critical,” said IRB...

NAVEX

AI is a New Risk Domain that Compliance Officers Must Actively Manage

Let’s take a moment to address the elephant in the room: AI risk. The hype surrounding generative AI, like Chat GPT, is encouraging more people and organizations to use it. This creates a clear need to address business...

Eversheds Sutherland (US) LLP

New York Raises the Bar Again: Revised Cybersecurity Requirements for Financial Services Companies Finalized

On November 1, 2023, the New York Department of Financial Services (NY DFS) published its highly anticipated final amendments to its influential cybersecurity requirements for financial services companies (Part 500)....

Patterson Belknap Webb & Tyler LLP

New York’s Department of Financial Services Amplifies its Cybersecurity Regulations

On November 1, 2023, the New York State Department of Financial Services (“DFS”) amended its cybersecurity regulations to institute additional standards and controls aimed at securing sensitive data among the financial...

WilmerHale

SEC Charges SolarWinds and CISO with Fraud and Internal Controls Failures

On October 30, 2023, the Securities and Exchange Commission (“SEC”), filed a complaint against SolarWinds Corp. (“SolarWinds” or the “Company”) for fraud and internal and disclosure controls failures relating to allegedly...

Guidepost Solutions LLC

The SEC has new Cybersecurity Rules. Are you prepared and ready?

On July 26, 2023, the Securities and Exchange Commission (SEC) implemented new cybersecurity rules to require disclosure of material cybersecurity incidents within four business days, with limited exceptions. Additionally,...

Latham & Watkins LLP

SEC Adopts Cybersecurity Disclosure Rules

The SEC, by a 3-2 vote, has adopted new rules requiring companies to provide: current disclosure on Form 8-K within four business days of determining that a material cybersecurity incident has occurred; and...

Thomas Fox - Compliance Evangelist

Corruption, Crime and Compliance : Cybersecurity and Compliance: The Growing Partnership of CISOs and CCOs

In today’s world data is the new gold, and protecting it has become imperative for businesses worldwide. On this week’s episode of Corruption, Crime and Compliance, Michael Volkov navigates the cybersecurity landscape,...

The Volkov Law Group

Episode 282 -- CISO and CCOs -- The Evolving Partnership

If you ask corporate board members and senior executives to list their number one risk (other than financial operations), the answer in today’s risk environment is clear – cybersecurity and data privacy. The rapid elevation...

The Volkov Law Group

The Cyber Compliance Imperative: Bringing Employees Together with Technology (Part III of IV)

It is easy to get lost in the technology world of cyber security – the information technology business relies on lots of acronyms, techno-speak and function-specific terminology. In responding to a cyber and data security...

The Volkov Law Group

The Evolving Partnership: Compliance and Cybersecurity (Part I of IV)

If you ask corporate board members and senior executives to list their number one risk (other than financial operations), the answer in today’s risk environment is clear – cybersecurity and data privacy. The rapid elevation...

NAVEX

The Value-Add of CCO-CISO Partnerships in Today’s Cybersecurity Threat Landscape

Most chief compliance officers (CCOs) are not technology experts, just as chief information security officers (CISOs) are not regulatory compliance experts. But as a strategic partnership, these two functions play an...

J.S. Held

How to Hire a Good CISO: A Short But Informative Guide

The deluge of cyberattacks has not abated. Before discussing what a CISO does and the different ways of bringing CISO expertise into an organization, let us take a quick look at the current threat landscape....

NAVEX

[Webinar] Risk and Process Management Framework: Lessons Learned in Getting Started – Featuring Forrester - June 20th, 10:00 am PT

Getting a successful risk management program off the ground can be daunting for even the most intrepid information security professionals. It doesn’t have to be rocket science. In this webinar, we’ll explore with guest...

NAVEX

[Webinar] The State of Risk & Compliance in 2023 - June 22nd, 9:00 am PT

As our business environment becomes more complex and regulated, it is crucial for organizations to stay on top of their risk and compliance priorities. In this webinar, leaders in compliance and statistical research will...

Conyers

Bermuda Cyber Risk Code Compliance Deadline

The Bermuda Monetary Authority published the revised Operational Cyber Risk Management Code of Conduct (the “Cyber Risk Code”) for corporate service providers, trust companies, money services businesses, investment...

Society of Corporate Compliance and Ethics...

[Webinar] Security Compliance at Scale - December 13th, 12:00 pm - 1:30 pm CT

Learning Objectives: - Learn the technical dos and don’ts in implementing security compliance frameworks such as SOC 2, ISO 27001 and HIPAA - Discussion about why security compliance is so critical for organizations...

Holland & Knight LLP

NYDFS Proposes Amendments to Cybersecurity Regulation

The New York Department of Financial Services (NYDFS) on Nov. 9, 2022, released Proposed Amendments to its Cybersecurity Regulation. The NYDFS Cybersecurity Regulation was one of the first laws requiring companies to comply...

Paul Hastings LLP

Top PHive Crypto Enforcement Notes: September Edition

Greetings, and thank you for taking a look at our new monthly crypto enforcement newsletter. Our goal is to share five topics each month that we believe are of significance in the world of crypto enforcement—particularly as...
