No Password Required: LIVE From Sunshine Cyber Con
Corruption, Crime and Compliance : Cybersecurity and Compliance: The Growing Partnership of CISOs and CCOs
Episode 282 -- CISO and CCOs -- The Evolving Partnership
Compliance Into The Weeds - HanesBrands Cyber Security Breach Disclosure
Cyberside Chats: Protect Your Crown Jewels – Nobody breaks into a bank to steal the posters
Cyberside Chats: Don’t silo your risk from legal (with Ingrid Rodriguez)
Cyberside Chats: Everyone wants to be Batman. Hacking Back & Cybersecurity Law
No Password Required: The Philosopher CISO of Tallahassee Who Lives to Help Other People
CyberSide Chats: Recap of the White House Cyber Summit (with Amanda Fennell)
Marti Arvin and Anthony Buenger on the CMMC Framework
In November 2023, the New York Department of Financial Services (NYDFS) issued its second amendment to its "Cybersecurity Requirements for Financial Services Companies (the Cybersecurity Regulation or Part 500). This was the...more
2024 was a year of numerous and notable cybersecurity failures – although, to be fair, most years are now marred by numerous and notable cybersecurity failures. That’s no longer anything special. What makes 2024 interesting...more
The first year of a new significant regulatory obligation is often more notable for the absence of regulatory enforcement actions as regulators often observe compliance efforts and challenges, offer guidance, and look for...more
Look around the business landscape today, and supply-chain risks are everywhere – which means that sooner or later, those risks will appear on the compliance function’s radar screen too. They probably already have....more
New York hospitals have less than a year to dust off their Health Insurance Portability and Accountability Act (HIPAA) compliance programs and update them to comply with more stringent and detailed state regulations. Last...more
On October 2, 2024, New York adopted new regulations requiring general hospitals to implement heightened cybersecurity safeguards. General hospitals, as defined in Article 28 of the NY Public Health Law, generally must begin...more
Looking for compliance education and networking in your area? HCCA’s Regional Healthcare Compliance Conferences offer practitioners convenient, local compliance education on a wide variety of current and emerging topics...more
This summer, Paul Rothermel presented a three-part webinar series “Privacy Summer School” covering key privacy topics. These programs, drawing on Paul’s deep privacy experience, covered key areas of compliance and risk as...more
Learning Objectives: - Assess and identify how to select metrics that matter in measuring the effectiveness and progress of a compliance program - Align metrics with regulatory requirements and how they apply to one's...more
Editor’s Note: During a recent HaystackID webcast, expert panelists explored the role of the Committee on Foreign Investment in the United States (CFIUS) in protecting sensitive technologies, classified contracts, and other...more
Like few topics before it, generative artificial intelligence (GenAI) has dominated discussions in many C-suites over the last year. Boards are playing a crucial role in both encouraging management to accelerate the pace of...more
The New York State Department of Financial Services (NYDFS) amended its cybersecurity regulation, 23 NYCRR 500 (or Part 500), effective Nov. 1, 2023, which we wrote about here. Covered entities must still certify compliance...more
You’re probably hearing and reading a lot of information about artificial intelligence (AI) these days – and for good reason too. The advent of widely accessible natural language processing software, like ChatGPT, changed the...more
At Cornell University, institutional review board (IRB) members meet with the chief information security officer and a liaison to the general counsel’s office. Their regular attendance has been “really critical,” said IRB...more
Let’s take a moment to address the elephant in the room: AI risk. The hype surrounding generative AI, like Chat GPT, is encouraging more people and organizations to use it. This creates a clear need to address business...more
On November 1, 2023, the New York Department of Financial Services (NY DFS) published its highly anticipated final amendments to its influential cybersecurity requirements for financial services companies (Part 500)....more
On November 1, 2023, the New York State Department of Financial Services (“DFS”) amended its cybersecurity regulations to institute additional standards and controls aimed at securing sensitive data among the financial...more
On October 30, 2023, the Securities and Exchange Commission (“SEC”), filed a complaint against SolarWinds Corp. (“SolarWinds” or the “Company”) for fraud and internal and disclosure controls failures relating to allegedly...more
On July 26, 2023, the Securities and Exchange Commission (SEC) implemented new cybersecurity rules to require disclosure of material cybersecurity incidents within four business days, with limited exceptions. Additionally,...more
The SEC, by a 3-2 vote, has adopted new rules requiring companies to provide: ..current disclosure on Form 8-K within four business days of determining that a material cybersecurity incident has occurred; and ...more
In today’s world data is the new gold, and protecting it has become imperative for businesses worldwide. On this week’s episode of Corruption, Crime and Compliance, Michael Volkov navigates the cybersecurity landscape,...more
If you ask corporate board members and senior executives to list their number one risk (other than financial operations), the answer in today’s risk environment is clear – cybersecurity and data privacy. The rapid elevation...more
It is easy to get lost in the technology world of cyber security – the information technology business relies on lots of acronyms, techno-speak and function-specific terminology. In responding to a cyber and data security...more