Third-Party Risk The competitive world of banking struggles to keep up with technological advances, particularly in a regulatory environment.
The Privacy Insider Podcast Episode 4: Don't Be Evil: In the Hot Seat of Data Privacy, Part 1
REFRESH Nonprofit Basics: Director Duties and Best Practices for the Typical Nonprofit Public Benefit Corporation
REFRESH Nonprofit Basics: Designators, Members, Directors, Officers - The Who’s Who of Nonprofit Governance
“Monsters, Inc.” y el buen gobierno corporativo
Market Leaders Podcast Episode 94: Exploring the Perils of Optics-Driven DEI Initiatives with Guest Mira Dewji
AGG Talks: Cross-Border Business Podcast - Episode 16: The Political and Legal Maze of ESG in the U.S. and Abroad
Episode 322 -- Checking in on Caremark Cases
Compliance into the Weeds: What Are Boards Doing About AI (Hint: Not Much)
Conflictos de interés en Colombia, nueva regulación
The Informed Board Podcast | CEO Succession Planning on a Clear Day
Podcast - Deberes fiduciarios de los administradores
Innovation in Compliance - Diligent 5-Part Series - Building a Stronger Culture of Compliance Through Targeted and Effective Training: Part 5 - The Role of the Board
One Month to a More Effective Compliance Program with Boards – Day 14 - Boards and Doing Business in China
One Month to a More Effective Compliance Program with Boards - Day 9 - Board Governance and Risk Oversight
One Month to a More Effective Compliance Program with Boards – Day 5 - OIG Guidance for Boards Regarding Compliance
Nonprofit Basics: Meeting Minutes Best Practices
One Month to a More Effective Compliance Program with Boards - Day 1 - Legal Requirements of the Board Regarding Compliance
Innovation in Compliance - Key Board Issues Going Forward with Christina Bresani
Compliance into the Weeds - McDonald’s and Duty of Corporate Officer Oversight
On April 8, 2025, the UK government published the Cyber Code of Practice (the “Code”) to support board directors in governing cybersecurity risks. The Code is available online. The UK’s data protection regulator is actively...more
On October 22, 2024, the SEC announced that it had entered into settlements with four separate companies for making allegedly misleading disclosures about how they were impacted by the SolarWinds data breach in 2019. The...more
This Holland & Knight blog post is the second installment in a two-part series that examines the challenges to the U.S. Securities and Exchange Commission's (SEC) charges in its landmark case against SolarWinds Corp....more
On July 18, 2024, District Court Judge Engelmayer of the Southern District of New York issued his 107-page opinion and order dismissing most – but not all – of the landmark allegations of the SEC against SolarWinds Corp. and...more
On July 18, a New York federal judge threw out most of the SEC’s claims brought against both SolarWinds Corp. and the company’s chief information security officer (CISO), Timothy Brown....more
Looking for compliance education and networking in your area? SCCE & HCCA’s Regional Compliance & Ethics Conferences bring compliance practitioners from all disciplines together for convenient, local compliance education....more
At this point, it is self-evident that companies are grappling with an ever-evolving (think: tougher) cyber risk terrain. However, two recent cases against companies and their Chief Information Security Officers (CISOs),...more
According to a New York Times story this weekend, the Security Exchange Commission’s lawsuit against SolarWinds is driving discussions in boardrooms and corporate security departments of large organizations about the handling...more
Corporate boards face a panoply of risks – and the nature of these risks are quickly evolving. Cybersecurity has quickly risen to the top of the list of corporate risks. Add to that the new SEC regulations on cybersecurity...more
Boards of Directors for public companies across the country are likely to be taking stock of their companys’ cybersecurity practices and strategies after the Securities and Exchange Commission’s adoption of the Cybersecurity...more
As cyber threats have evolved and expanded, cybersecurity has emerged as a threat to organizations across sectors, and there is more urgency than ever for companies to remain vigilant and prepared. Cybersecurity incidents can...more
The U.S. Securities and Exchange Commission’s (SEC) 2023 Spring Unified Agenda of Regulatory and Deregulatory Actions was released last month and includes an anticipated action date for finalizing rules for cybersecurity...more
The attention on IT Risk and Cybersecurity risk management policies is reaching new heights — again. It doesn’t matter if you’re a large enterprise like Uber or a small / midcap company; there’s one common thread as we start...more
Cyber risks are increasing, and as a result, due diligence inquiries and valuations are increasingly focusing on the cybersecurity and privacy risks inherent in a business’s collection, use, retention and disposal of data. ...more
Each Academy provides three-and-a-half days of classroom-style training covering the latest laws, regulations, and developments to help you effectively manage your organization’s compliance program. They are ideal for...more
Corporate risk and compliance officers already labor under an influx of concerns related to cybersecurity, so you might have missed this latest news: the U.S. Securities and Exchange Commission has proposed new rules for more...more
Cybersecurity is a modern tech-savvy buzzword that often makes non-IT peoples’ eyes glaze over. This mindset is very risky, and cybersecurity should not be taken lightly. The truth is that cybersecurity, while highly...more
In remarks in January before the Northwestern Pritzker School of Law’s Annual Securities Regulation Institute, SEC Chair Gary Gensler addressed cybersecurity under the securities laws. (See this PubCo post.) Gensler suggested...more
Takeaway: With the surge of data and cybersecurity breaches, corporate directors and officers have become targets for shareholder derivative lawsuits. Fortunately, there are procedural measures that directors and officers can...more
1.0 CYBER MARKET UPDATE - 1.1 US Market Update - To call 2021 anything other than a sea change in the cyber insurance world would be an understatement. Indeed, nearly all cyber insurance renewals saw increases in...more
Cyber attacks continue to be one of the most concerning risks to businesses. COVID-19 is only exacerbating those risks. Add to that the D&O litigation that happens after a cyber event, and you have a recipe for disaster for...more
Investors filed a derivative suit claiming that the company knew about, and failed to mitigate known, existing cybersecurity risks and shortfalls prior to the security breach. In early November, pension funds and...more
Corporate investigations can serve a variety of different purposes. From uncovering accounting fraud to responding to cybersecurity breaches and preparing for litigation, there are various circumstances in which corporate...more
Takeaways - Boards need to take an active role overseeing cybersecurity measures. - Directors may be held personally responsible for lapses that result in attacks. - U.S. money laundering and sanctions rules may prohibit...more