News & Analysis as of July 10, 2025

Cybersecurity

+ Follow

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -

The EU’s New Cybersecurity Law for the Space Sector

Skadden, Arps, Slate, Meagher & Flom LLP on 7/9/2025

On 25 June 2025, the European Commission announced its proposal for a “Space Act” that would introduce a new regulatory framework for EU space activities. The proposed framework includes cyber-resilience obligations for EU...more

NIS 2: Strengthening Europe’s Cyber Defenses

Morrison & Foerster LLP on 7/8/2025

European cybersecurity risk management and reporting obligations have received a substantial facelift. The Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the EU (“NIS 2”) became effective...more

FERC Moves To Bolster Cybersecurity

Davis Wright Tremaine LLP on 7/3/2025

On June 26, FERC approved a new reliability standard (CIP-015-1) proposed by the North American Electric Reliability Corporation ("NERC") to enhance cybersecurity of the nation's bulk electric system ("BES"). In a related...more

EU Space Act: What In-House Counsel Need to Know About the Potential Regulatory Framework for Space Activities in Europe

King & Spalding on 7/2/2025

On June 25, 2025, the European Commission published the long-anticipated draft EU Space Act (“Act”), a potentially landmark regulation that will apply to both EU and non-EU operators providing space services in Europe. The...more

#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.

Thomas Fox - Compliance Evangelist on 6/23/2025

Join Tom Fox and hundreds of other GRC professionals in the city that never sleeps, New York City, on July 9 & 10 for one of the top conferences around, #Risk New York. The current US landscape, shaped by evolving policies,...more

The Need for Speed: DoD’s “Software Fast Track” Targets Bureaucracy at Mach 2

McCarter & English Blog: Government Contracts... on 6/13/2025

The Department of Defense (DoD) is revving its engines again—this time to rocket past its own software acquisition drag. Launched via an April 24 memo from Acting DoD CIO Katie Arrington, the DoD’s Software Fast Track (SWFT)...more

Innovation in Compliance: The Critical Importance of Mobile Application Security: Insights from Subho Halder

Thomas Fox - Compliance Evangelist on 6/10/2025

Innovation comes in many areas and compliance professionals need to not only be ready for it but embrace it. Join Tom Fox, the Voice of Compliance as he visits with top innovative minds, thinkers and creators in the...more

New DOL/EBSA Opinion Letter Program Offers A Path to Clarity for Plan Sponsors

Jackson Lewis P.C. on 6/6/2025

On June 2, 2025, the U.S. Department of Labor (DOL) announced a significant expansion of its compliance assistance tools by launching an Opinion Letter Program across five key enforcement agencies, including the Employee...more

A Closer Look at the Data Security Requirements in DOJ's Bulk Data Rule

Venable LLP on 6/4/2025

As described in an earlier alert, the Department of Justice (DOJ) recently announced a 90-day pause in enforcement of the "Bulk Data Rule" for entities engaging in good faith compliance. That 90-day grace period ends on July...more

The Era of Shadow AI: New Challenges for Corporate Security

HaystackID on 5/27/2025

Artificial intelligence is driving a transformation across industries, with unprecedented opportunities for innovation, automation, and efficiency. Yet as AI integrates more deeply into business processes, it also brings a...more

Data Governance: Practical Considerations for a Reasonable Security Program

BakerHostetler on 5/23/2025

Imagine receiving an email from an unknown actor claiming to have taken approximately 2 terabytes of data from your organization’s network. The threat actor provides a file tree and sample files to substantiate its claim....more

A Call to Do Better at Vendor Security Risks

NAVEX on 5/21/2025

Technology vendors everywhere want to serve big Wall Street banks, so when one of those banks talks about risks they see in their software supply chain, compliance and audit professionals should listen – which brings us to an...more

EU Cyber Resilience Act: How to Prepare Now

Mitratech Holdings, Inc on 5/16/2025

The EU Cyber Resilience Act (CRA), adopted by the European Parliament in 2024, marks a major milestone in European cybersecurity legislation. As the first EU-wide law focused on the cybersecurity of digital products, it...more

Top Healthcare Compliance Priorities for 2025

Health Care Compliance Association (HCCA) on 5/8/2025

Recently Protiviti released an intriguing report: Top Compliance Priorities for U.S. Healthcare Organizations in 2025. In this podcast their Global Healthcare Compliance Leader, Leyla Erkan, CHC, CHP, CHRC, shares some of the...more

Adversarial Machine Learning in Focus: Novel Risks, Straightforward Legal Approaches

Ropes & Gray LLP on 5/6/2025

The Artificial Intelligence and Machine Learning (“AI/ML”) risk environment is in flux. One reason is that regulators are shifting from AI safety to AI innovation approaches, as a recent DataPhiles post examined. Another is...more

Florida Bar Passes Pioneering Cybersecurity Recommendation

Baker Botts L.L.P. on 5/5/2025

On March 28, 2025, the Florida Bar unanimously approved Recommendation 25-1, which was proposed by its Cybersecurity & Privacy Law Committee and encourages all Florida Bar members and their firms to adopt certain proactive...more

Top Ten Strategic Advantages of a vCISO with AI Expertise for Developing Business and Protecting AI Applications

J.S. Held on 4/30/2025

In today’s fast-paced digital landscape, Artificial Intelligence (AI) is reshaping industries, unlocking new efficiencies, and enabling transformative business models. Companies leveraging AI to create applications or enhance...more

Operational resilience in banking: from regulatory compliance to strategic priority

A&O Shearman on 4/29/2025

As regulatory frameworks tighten and cybersecurity threats grow in complexity, operational resilience is, now more than ever, a boardroom challenge for banks....more

Insurance Cybersecurity Certifications: An (Updated) State Roundup

Sheppard Mullin Richter & Hampton LLP on 4/15/2025

Over half of US states require annual compliance certifications from insurance providers. While the filing time frames for this year draw to a close, companies may want to keep them in mind not only for next year, but as a...more

UK Government Publishes Cyber Governance Code of Practice for Boards and Directors

Alston & Bird on 4/11/2025

On April 8, 2025, the UK government published the Cyber Code of Practice (the “Code”) to support board directors in governing cybersecurity risks. The Code is available online. The UK’s data protection regulator is actively...more

Deadline Approaching: Covered Entities Must File Certifications of Compliance With Amended NYDFS Cyber Regulation by April 15

Davis Wright Tremaine LLP on 4/10/2025

In November 2023, the New York Department of Financial Services (NYDFS) issued its second amendment to its "Cybersecurity Requirements for Financial Services Companies (the Cybersecurity Regulation or Part 500). This was the...more

400 Results

View per page

Page: of 16

Compliance › Risk Management › Cybersecurity

The EU’s New Cybersecurity Law for the Space Sector

NIS 2: Strengthening Europe’s Cyber Defenses

FERC Moves To Bolster Cybersecurity

EU Space Act: What In-House Counsel Need to Know About the Potential Regulatory Framework for Space Activities in Europe

#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.

The Need for Speed: DoD’s “Software Fast Track” Targets Bureaucracy at Mach 2

Innovation in Compliance: The Critical Importance of Mobile Application Security: Insights from Subho Halder

New DOL/EBSA Opinion Letter Program Offers A Path to Clarity for Plan Sponsors

A Closer Look at the Data Security Requirements in DOJ's Bulk Data Rule

The Era of Shadow AI: New Challenges for Corporate Security

Data Governance: Practical Considerations for a Reasonable Security Program

A Call to Do Better at Vendor Security Risks

EU Cyber Resilience Act: How to Prepare Now

Top Healthcare Compliance Priorities for 2025

Adversarial Machine Learning in Focus: Novel Risks, Straightforward Legal Approaches

Florida Bar Passes Pioneering Cybersecurity Recommendation

Top Ten Strategic Advantages of a vCISO with AI Expertise for Developing Business and Protecting AI Applications

Operational resilience in banking: from regulatory compliance to strategic priority

Insurance Cybersecurity Certifications: An (Updated) State Roundup

UK Government Publishes Cyber Governance Code of Practice for Boards and Directors

Deadline Approaching: Covered Entities Must File Certifications of Compliance With Amended NYDFS Cyber Regulation by April 15

Innovations in Compliance: Data Collection & Cybersecurity with ModeOne’s Matt Rasmussen and Ryan Frye

Latest FCA Cybersecurity Settlement Shows Enforcement Remains a Priority Under Trump Administration

FedRAMP 20x – Major Overhaul Announced to Streamline the Security Authorization Process for Government Cloud Offerings

Business resiliency needs to take centerstage if you want to keep pace with cyber threats and supply chain disruptions

Compliance › Risk Management › Cybersecurity

"My best business intelligence, in one easy email…"