News & Analysis as of

Compliance Information Technology Cybersecurity

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. ... more +
Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations.  In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -
McCarter & English Blog: Government Contracts...

DOJ Went Down to Georgia: Lessons Learned from Recent Cybersecurity Enforcement Actions

McCarter & English Blog: Government Contracts... on

Some might say there’s little difference between dealing with the devil and being a federal contractor. And for the unwary or unprepared, that may not be far off. Federal contracting comes with a litany of “fine print” that...more

Wiley Rein LLP

Policy Patches: An Update on Software Security Regulation

Wiley Rein LLP on

So far, 2024 has been another very busy year for U.S. cybersecurity regulation. Among the top priorities has been software security, as we previewed early this year. Companies that sell software to the federal government or...more

Venable LLP

Offensive Security Under the EU Digital Operational Resilience Act (DORA)

Venable LLP on

The Digital Operational Resilience Act (DORA) regulation is part of the European Union’s (EU) strategy to enhance the overall stability of the EU financial system by ensuring that financial entities are resilient to digital...more

Sheppard Mullin Richter & Hampton LLP

Data, Deals, and Diplomacy: How the Bulk Data Executive Order Will Shape Future Contracts and Security Practices

Sheppard Mullin Richter & Hampton LLP on

For companies in the U.S. that hold certain personal data and U.S. Government-related data, rules stemming from recent Executive Order (“EO”) 14117 on “Preventing Access to Americans’ Bulk Sensitive Personal Data and United...more

The Volkov Law Group

Dancing on the Head of a Pin: Corporate Boards, Committees and Cybersecurity Risk Management

The Volkov Law Group on

No one was surprised when compliance and risk publications cited cybersecurity as the number one risk that corporations face today.  While this is a relatively simplistic and head-line grabbing statement, the truth remains...more

Mayer Brown

EU Cyber Legislation Puts Emphasis on Board Responsibility

Mayer Brown on

What is a Management Body? Under both DORA and NIS2, a management body can be a body with managerial and/or supervisory functions. The powers and structure of management bodies vary within the EU Member State, and managerial...more

The Volkov Law Group

Data Privacy Update — Keeping Up with Developments

The Volkov Law Group on

When it comes to data privacy and regulation of personal information, United States companies face a number of major challenges.  Compliance is not easy when you have fast-moving targets.  The single biggest cause of this...more

Goodwin

What DORA Means for Fund Managers

Goodwin on

Q: What is DORA? “DORA” stands for the Digital Operational Resilience Act, an EU regulation that creates a new framework for the EU financial sector with regard to information and communications technology (ICT)....more

Health Care Compliance Association (HCCA)

Privacy Briefs: November 2023

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 23, no. 11 (November, 2023) The American Hospital Association (AHA) is urging federal lawmakers to intervene with the HHS Office for Civil Rights (OCR) so that hospitals and health systems can...more

Thomas Fox - Compliance Evangelist

SEC, Solar Winds and Compliance

Thomas Fox - Compliance Evangelist on

The recent SEC lawsuit against SolarWinds Corp and its CISO, Tim Brown, following the 2020 data breach, has brought the issue of executive liability in cybersecurity disclosures to the forefront. This case sheds light on the...more

Skadden, Arps, Slate, Meagher & Flom LLP

What Does the SEC’s Complaint Against SolarWinds Mean for CISOs and Boards?

Skadden, Arps, Slate, Meagher & Flom LLP on

On October 30, 2023, the SEC filed a litigated complaint against SolarWinds, a software development company, and Timothy Brown, its chief information security officer (CISO). The SEC alleges that from October 2018, when...more

Epiq

Moving Information Governance to the Driver’s Seat to Accelerate Cyber Breach Response

Epiq on

Information Governance often takes a back seat to other organizational initiatives. But why is this the case? The list of reasons is long and varied. Not knowing where to start or how to build strategic approaches to...more

NAVEX

Risk Management 101: The Human Touch

NAVEX on

In the first part of Risk Management 101, we focused on the foundational elements of risk management. In part two, we’ll look at how the people who keep your organization running, with their unique insights, skills and...more

HaystackID

[Webcast Transcript] M365 for Law Firms and Lawyers: Purview Premium eDiscovery and Security, Capabilities and War Stories

HaystackID on

Editor’s Note: In a rapidly evolving technological landscape, understanding the capabilities and limitations of platforms like Microsoft 365 (M365) is crucial for law firms, especially in the realms of eDiscovery and...more

Dunlap Bennett & Ludwig PLLC

The Role Of A Cybersecurity Law Firm In Safeguarding Digital Assets

Dunlap Bennett & Ludwig PLLC on

In today’s digital landscape, organizations face numerous cybersecurity threats that can compromise their valuable digital assets, including their data, IT infrastructure, networks, software, and intellectual property (IP)....more

The Volkov Law Group

Maintaining Focus on Cyber Risks (Part II of IV)

The Volkov Law Group on

If you read about the world of hackers and cyber threats, you will quickly become numb to the creativity and variety of techniques that may threaten your organization.  Like all risks, however, the key is to consider...more

The Volkov Law Group

The Evolving Partnership: Compliance and Cybersecurity (Part I of IV)

The Volkov Law Group on

If you ask corporate board members and senior executives to list their number one risk (other than financial operations), the answer in today’s risk environment is clear – cybersecurity and data privacy.  The rapid elevation...more

ArentFox Schiff

Key Takeaways from OCR’s Latest Annual HIPAA Reports to Congress

ArentFox Schiff on

On February 17, 2023, the US Department of Health and Human Services Office for Civil Rights (OCR) released two companion reports to Congress detailing its actions in 2021 to enforce the privacy, security, and breach...more

J.S. Held

Water Cybersecurity? EPA Mandates Regulations to Prevent Cyberattacks on Public Water Systems

J.S. Held on

EPA Aims to Mitigate Risk of Cyberattack on Public Water Systems On March 3, 2023, the U.S. Environmental Protection Agency (EPA) issued its Memorandum Addressing Public Water System (PWS) Cybersecurity in Sanitary Surveys or...more

BCLP

Cyber laws will be updated to boost UK’s resilience against online attacks

BCLP on

The UK government confirmed on 30 November 2022 that there will be changes to the UK’s cybersecurity regulations in response to a public consultation launched earlier this year. This follows recent updates relating to the...more

Reveal

8 Internal Investigation Trends That Will Define The Legal Industry in 2023

Reveal on

As a corporate investigator, you know that there are nuances to internal investigations that fluctuate over time. While the basic mandate stays the same - investigate potential wrongdoing and noncompliance to determine...more

Society of Corporate Compliance and Ethics...

[Virtual Event] Chicago & Nashville Regional Compliance & Ethics Conference - July 15th, 8:25 am - 4:30 pm CDT

Society of Corporate Compliance and Ethics... on

General and specialty compliance training from the comfort of your home or office! SCCE’s Regional Compliance & Ethics Conferences provide practitioners with virtual compliance training that includes updates on the latest...more

McDermott Will & Emery

Key Takeaways | Keeping the Lights On: Cyber Threat, Vulnerability and Oversight Considerations for the Energy Sector

McDermott Will & Emery on

During the latest webinar in our Energy Transition series, Partners Carl Fleming and Scott Ferber hosted PWC Principals Brad Bauch, US Power and Utilities Cybersecurity & Privacy Leader, and Mark Ray, Cybersecurity & Privacy,...more

NAVEX

IT and Corporate Compliance: Bridging the Gap in the Era of Remote and Hybrid Work

NAVEX on

In many ways, the COVID-19 pandemic has served as a prime example of punctuated equilibrium. Shifts that have been slowly building for decades seemingly occurred overnight, giving us the contradictory sense that these changes...more

NAVEX

The Complicated Tango of Compliance & Cybersecurity

NAVEX on

A ransomware attack is no company’s idea of a good time, but I do sense one positive development emerging from the epidemic of attacks we’ve witnessed this year: Boards and senior management agree that they must move beyond a...more

43 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide