News & Analysis as of July 16, 2025

Compliance › Cybersecurity

+ Follow

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -

[Event] 8th National Forum on FOCI - September 29th - 30th, Washington, DC

American Conference Institute (ACI) on 7/16/2025

Section 847 is widely regarded as a seismic shift that will result in a jump from 2,000 to 41,000 cases being processed annually! In anticipation of this, DCSA has been scaling up their resources and personnel. ACI’s 8th...more

Key lessons on the False Claims Act for government contractors after Raytheon’s $8.4 million settlement

Clark Hill PLC on 7/16/2025

Government contractors should be on high alert following the recent announcement that Raytheon Company, its parent RTX Corporation, and Nightwing Group, LLC, have agreed to pay $8.4 million to resolve allegations of violating...more

Navigating Cloud Forensics in Complex Investigations

J.S. Held on 7/16/2025

Introduction: Understanding Cloud Data in the Modern Digital Landscape - In today’s hyper-connected digital world, we interact with vast amounts of data, much of which isn’t stored locally on our devices but instead...more

GPAI Code of Practice – Final Version Published by European Commission

DLA Piper on 7/15/2025

The European Commission has published the final version of a general-purpose AI (“GPAI”) Code of Practice. We took a deeper look into it and prepared a short summary to help you understand what the GPAI Code of Practice is,...more

DOJ’s 90-Day Data Security Compliance Grace Period is Over: Are You Compliant?

Sheppard Mullin Richter & Hampton LLP on 7/15/2025

The U.S. Department of Justice (“DOJ”) Data Security Program (“DSP”) 90-day enforcement grace period ended as of July 8, 2025. While the program became effective April 8, 2025, DOJ implemented a 90-day enforcement grace...more

EU RTS on subcontracting ICT services supporting critical or important functions under DORA published in OJ

A&O Shearman on 7/15/2025

Commission Delegated Regulation (EU) 2025/532 has been published in the Official Journal of the European Union. The Delegated Regulation supplements the Digital Operational Resilience Act (DORA) with regard to regulatory...more

Multiple Slack Workspaces, One Governance Strategy: Here’s How to Get It Right

Hanzo on 7/14/2025

Managing collaboration at enterprise scale is inherently complex, especially when your organization operates across multiple workspaces. As teams become more distributed, compliance demands intensify, and business units push...more

EU Releases General-Purpose AI Code of Practice

Baker Botts L.L.P. on 7/14/2025

On July 10, 2025, the EU published its Code of Practice for General-Purpose AI Models, a comprehensive, though not exhaustive, framework designed to guide Artificial Intelligence ("AI") providers in complying with the...more

The EU’s New Cybersecurity Law for the Space Sector

Skadden, Arps, Slate, Meagher & Flom LLP on 7/9/2025

On 25 June 2025, the European Commission announced its proposal for a “Space Act” that would introduce a new regulatory framework for EU space activities. The proposed framework includes cyber-resilience obligations for EU...more

NIS 2: Strengthening Europe’s Cyber Defenses

Morrison & Foerster LLP on 7/8/2025

European cybersecurity risk management and reporting obligations have received a substantial facelift. The Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the EU (“NIS 2”) became effective...more

US Corporate Governance — 2025 Midyear Review

Herbert Smith Freehills Kramer on 7/8/2025

The Financial Crimes Enforcement Network (FinCEN) issued an interim final rule in March 2025 that removes requirements for US companies to report beneficial ownership information under the Corporate Transparency Act (CTA)....more

#Risk New York Speaker Series – Exploring Future Regulatory Trends and Compliance Strategies with Rory McGrath

Thomas Fox - Compliance Evangelist on 7/7/2025

Join Tom Fox and hundreds of other GRC professionals in the city that never sleeps, New York City, on July 9 & 10 for one of the top conferences around, #Risk New York. The current US landscape, shaped by evolving policies,...more

FERC Moves To Bolster Cybersecurity

Davis Wright Tremaine LLP on 7/3/2025

On June 26, FERC approved a new reliability standard (CIP-015-1) proposed by the North American Electric Reliability Corporation ("NERC") to enhance cybersecurity of the nation's bulk electric system ("BES"). In a related...more

Cyber Resilience Is Key: The Never-Ending Delays of NIS2 Implementation

King & Spalding on 7/2/2025

The European Union’s ("EU") NIS2 Directive (Directive (EU) 2022/2555) capitalizes on the success of its predecessor, NIS, the first horizontal minimum harmonization cyber security and resilience frameworks at the EU level....more

EU Space Act: What In-House Counsel Need to Know About the Potential Regulatory Framework for Space Activities in Europe

King & Spalding on 7/2/2025

On June 25, 2025, the European Commission published the long-anticipated draft EU Space Act (“Act”), a potentially landmark regulation that will apply to both EU and non-EU operators providing space services in Europe. The...more

EU Delegated Regulation on threat-led penetration testing published in OJ

A&O Shearman on 6/30/2025

Commission Delegated Regulation (EU) 2025/1190 of 13 February has been published in the Official Journal of the European Union. The Delegated Regulation supplements the Digital Operational Resilience Act (DORA) with regard to...more

The 2025 TPRM Study: Key Findings and Recommendations

Mitratech Holdings, Inc on 6/27/2025

The 2025 Mitratech Third-Party Risk Management (TPRM) Study conveys a clear message: the third-party risk landscape is evolving into a complex, interconnected ecosystem — one where every vendor, supplier, and partner plays a...more

Great Women in Compliance: GWIC X EC Q2 2025 - Exploring Compliance Innovations

Thomas Fox - Compliance Evangelist on 6/25/2025

We are back with another GWIC X EC crossover episode. Today we have the quartet of Great Women in Compliance of Kristy Grant-Hart, Karen Moore, Lisa Fine and Hemma Lomax. The GWIC quartet discuss various intriguing topics...more

#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.

Thomas Fox - Compliance Evangelist on 6/23/2025

Building the Cyber Fortress: New Cybersecurity Executive Order Targets Quantum, AI, and Supply Chain Security

McCarter & English Blog: Government Contracts... on 6/16/2025

On June 6, 2025, President Trump issued a new executive order, “Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order 13694 and Executive Order 14144” (EO), signaling the construction...more

The Need for Speed: DoD’s “Software Fast Track” Targets Bureaucracy at Mach 2

McCarter & English Blog: Government Contracts... on 6/13/2025

The Department of Defense (DoD) is revving its engines again—this time to rocket past its own software acquisition drag. Launched via an April 24 memo from Acting DoD CIO Katie Arrington, the DoD’s Software Fast Track (SWFT)...more

[Webinar] Operationalizing AI: Governance, Culture, Bias, Privacy, Data and Cyber Security Considerations - June 24th, 1:00 pm -...

American Conference Institute (ACI) on 6/13/2025

This complimentary webinar will delve into the real-life aspects of implementation – with a focus on organizational preparedness and proactive strategic foresight. Join us as we discuss how to design and roll out a...more

1,137 Results

View per page

Page: of 46

Compliance › Cybersecurity

[Event] 8th National Forum on FOCI - September 29th - 30th, Washington, DC

Key lessons on the False Claims Act for government contractors after Raytheon’s $8.4 million settlement

Navigating Cloud Forensics in Complex Investigations

GPAI Code of Practice – Final Version Published by European Commission

DOJ’s 90-Day Data Security Compliance Grace Period is Over: Are You Compliant?

EU RTS on subcontracting ICT services supporting critical or important functions under DORA published in OJ

Multiple Slack Workspaces, One Governance Strategy: Here’s How to Get It Right

EU Releases General-Purpose AI Code of Practice

The EU’s New Cybersecurity Law for the Space Sector

NIS 2: Strengthening Europe’s Cyber Defenses

US Corporate Governance — 2025 Midyear Review

#Risk New York Speaker Series – Exploring Future Regulatory Trends and Compliance Strategies with Rory McGrath

FERC Moves To Bolster Cybersecurity

Cyber Resilience Is Key: The Never-Ending Delays of NIS2 Implementation

EU Space Act: What In-House Counsel Need to Know About the Potential Regulatory Framework for Space Activities in Europe

EU Delegated Regulation on threat-led penetration testing published in OJ

The 2025 TPRM Study: Key Findings and Recommendations

Great Women in Compliance: GWIC X EC Q2 2025 - Exploring Compliance Innovations

#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.

Building the Cyber Fortress: New Cybersecurity Executive Order Targets Quantum, AI, and Supply Chain Security

The Need for Speed: DoD’s “Software Fast Track” Targets Bureaucracy at Mach 2

[Webinar] Operationalizing AI: Governance, Culture, Bias, Privacy, Data and Cyber Security Considerations - June 24th, 1:00 pm -...

Strategic Signals: May 2025 HSR Filings Reveal Steady M&A Amid Market Shifts

Managing Litigation Risk During the Business Lifecycle, Part 4: M&A Transactions with Government Contractors

Innovation in Compliance: The Critical Importance of Mobile Application Security: Insights from Subho Halder

Compliance › Cybersecurity

"My best business intelligence, in one easy email…"