News & Analysis as of

Risk Management

The Higher They Are, The Harder You Fall

by Littler on

You don’t need to be a cable news network, a Hollywood production company, a media mogul or a politician in order to feel the ripple effect from the recent wave of workplace sexual harassment claims. While such harassment...more

ISO 37001: Training, Employee Concerns, and Internal Investigations (Part V of V)

by Michael Volkov on

In my final posting on ISO 37001, I review requirements for training, raising concerns and internal investigations as part of a company’s anti-bribery risk management system....more

7 things you might not know about cybersecurity insurance

by Thompson Coburn LLP on

The number of cyber attacks and data breaches are increasing, and the costs to respond to such incidents are also increasing. This underscores the importance of cyber insurance, a valuable tool that companies can access that...more

Understanding FDA Guidance On Connected Medical Devices

by Morrison & Foerster LLP on

In the coming years, we expect to see an explosion in the number of interoperable medical devices. These are connected medical devices that have the ability to connect to different technologies and devices, even from other...more

Privacy Tip #110 – Resources for Small Businesses to Stay Informed about Cyber Threats

The Federal Trade Commission (FTC) has concentrated on small businesses this year with the launch of www.FTC.gov/SmallBusiness, which provides data security awareness information to small businesses. The site includes...more

Strict Liability and Human Rights Due Diligence – too little too early?

by Hogan Lovells on

It was a pleasure to speak in Geneva earlier this month at a consultation hosted by the United Nations Office of the High Commissioner for Human Rights (“OHCHR”) on the scope for making businesses strictly liable for human...more

What #metoo Means for Employers: Workplace Harassment in the Age of Awareness

This past Sunday, actress Alyssa Milano posted the following message on Twitter: Me too. Suggested by a friend: “If all the women who have been sexually harassed or assaulted wrote ‘Me too.’ ...more

“KRACK” WiFi Security Vulnerability Discovered

Security researchers this week have found a new vulnerability that affects Wi-Fi Protected Access II, also known as WPA2, which is the security protocol used by many wireless networks....more

Risk Management in the Export Controls Minefield (Part 2 in a Series)

by Blank Rome LLP on

As the recent Bright Lights USA case demonstrates, export violations continue to be met by aggressive enforcement actions by U.S. government authorities. In Bright Lights USA, the U.S. State Department’s Directorate of...more

ISO 37001: Risk Assessments, Employees, and Due Diligence Requirements (Part IV of V)

by Michael Volkov on

In Part IV of my series on ISO 37001, I examine requirements relating to risk assessments, design of policies and procedures, and due diligence requirements. Section 4.5 sets out requirements for conducting risk...more

Cybersecurity Awareness: Limiting Your Exposure and Visibility

We spend so much time on our mobile phones and on social media, yet often we don’t think of how these tools are broadcasting our lives as we work and play. With just a few steps, you can limit what you are digitally telling...more

Happy Cybersecurity Awareness Month! Are you Safe?

by Snell & Wilmer on

Since it was first announced by Presidential Proclamation in 2013, we mark each October as National Cybersecurity Awareness Month. The Department of Homeland Security explains that, in 2017, designation is “designed to engage...more

ISO 37001: Board, Top Management and Anti-Bribery Compliance Responsibilities (Part III of V)

by Michael Volkov on

In Part III of my continuing series on ISO 37001, today I examine the board and top management’s respective responsibilities in the implementation and oversight of an anti-bribery management system....more

Is it HIPAA or HIPPA? Either way, it still applies.

by Winstead PC on

I have negotiated hundreds of SaaS agreements for dozens of software companies and I always hated when the company on the other side was a healthcare provider. Invariably, they would bring up Protected Health Information...more

Liz Wiseman-Multiplying the Influence of Compliance

by Thomas Fox on

On the second full day of the SCCE Compliance and Ethics Institute (CEI) Liz Wiseman was one of the keynote speakers. Wiseman is the co-author with Greg McKeown of Multipliers: How the Best Leaders Make Everyone Smarter,...more

The Compliance Challenge: Managing Legal & Regulatory Risk

by Ropes & Gray LLP on

Ryan Rohlfsen, a Ropes & Gray government enforcement partner, highlights findings from a new report on legal and regulatory risk management, based on a global survey of 300 in-house professionals. To learn more about the...more

What Crawled Out from Under That Rock- Negligent References and Reporting Issues

by Davis Brown Law Firm on

Many employers faced with an employment termination decision look for the simplest process for termination, one that causes the least hardship for the employee and mitigates the most litigation risk for the employer....more

New Wave Of Biometric Privacy Class Actions: Could You Be A Target?

by Shook, Hardy & Bacon L.L.P. on

While the privacy world is focused on the Equifax data breach, another development is taking place that could have a more lasting effect on privacy law. In the last month, plaintiffs’ lawyers in Illinois have filed over 20...more

ISO 37001: The Good, The Bad and the Ugly (Part II of V)

by Michael Volkov on

In Part II of my continuing series, I identify in broad strokes some of the more significant positive and negative aspects of ISO 37001. While it is easy to second-guess the ISO 37001 authors, there are some interesting...more

SCCE Compliance and Ethics Institute – Eugene Soltes and How Compliance Programs Works

by Thomas Fox on

The first full day of the SCCE 2017 Compliance and Ethics Institute (CEI) featured a talk by Eugene Soltes, an associate professor at Harvard Business School and author of “Why They Do It”. For this book Soltes spent over...more

Mainbrace: October 2017 (No. 4)

by Blank Rome LLP on

Note from the Maritime Industry Team - Large sectors of the maritime industry—especially offshore—remain in the doldrums, but it nonetheless has been a busy few months for our Blank Rome Maritime group. Our Washington,...more

Plaintiffs’ Lawyer Predicts $1 Billion Settlement in Data Breach Case – But Where’s the “Harm”?

by Orrick - Trust Anchor on

This week, a high profile plaintiffs’ firm (Edelson) stated that “if done right,” the data breach class actions against Equifax should yield more than $1 billion in cash going directly to more than 143 million consumers...more

Fighting Patent Trolls

by Snell & Wilmer on

When it comes to suppressing U.S. competitiveness, no one does it better than patent trolls. A 2017 study concluded that 5,100 patent infringement lawsuits were filed in 2016. Patent Trolls account for about 67% of...more

SCCE Preconference Learning – You Are Not Alone in Compliance

by Thomas Fox on

I am writing this today from the Society of Corporate Compliance and Ethics (SCCE) 2017 Compliance and Ethics Institute (CEI). This is the largest annual gathering of compliance professionals anywhere and it is already off to...more

European Banking Authority Publishes Guidelines on Assessment of ICT Risk Under the Supervisory Review and Evaluation Process...

by Shearman & Sterling LLP on

The European Banking Authority has published Guidelines for national regulators aimed at ensuring the convergence of supervisory practices in the assessment of the information and communication technology (ICT) risk under the...more
