FINCast Ep. 40 – 21st Century Financial Warfare: Technology, Economy, & National Security
Why Privacy Matters to Your Business and What's in Store for 2025
Constangy Clips Ep. 7- 4 New Year’s Resolutions to Keep Your Cyber Data Safe and Secure in 2025
AI Talk With Juliana Neelbauer - Episode Three - Cybersecurity Insurance: Coverage Challenges and Changes
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Cost of Noncompliance: More Than Just Fines
No Password Required: President at Constellation Cyber, Former FBI Translator, and Finder of Non-Magical Mushrooms
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
2023 DSIR Report Deeper Dive into the Data
Episode 282 -- CISO and CCOs -- The Evolving Partnership
Cyber Threats
No Password Required: A Developer Advocate with Auth0 and an "Accordion Guy" with Rockstar Aspirations
Cybersecurity Threats Facing Food and Agribusiness Companies & the Preparation and Protection Safeguards to Help Mitigate Them
[Podcast] NSA Cybersecurity Services for Defense Contractors
Dark Web Monitoring - Unauthorized Access Podcast
Cyberside Chats: Everyone wants to be Batman. Hacking Back & Cybersecurity Law
Mandatory Cyber Incident Reporting: Pros, Cons, and Next Steps
The European Commission (EC) has adopted a Commission Delegated Regulation supplementing the Digital Operational Resilience Act (DORA) with regard to RTS specifying the criteria used for identifying financial entities...more
A recent cyberattack on a Michigan township has exposed weaknesses in the bond-closing process. In this incident, hackers stole over $25 million in bond proceeds by using spoofed email addresses to provide fraudulent wire...more
On January 29, NAVEX is hosting the Top 10 Trends in Risk and Compliance webinar. This post is a preview of two of the topics covered in the eBook and webinar: the rise of AI and the continued focus on cybersecurity and...more
With the HIPAA Security Rule set to undergo a massive overhaul to boost cybersecurity protections, PEOs need to take note. After all, as stewards of worksite employee and client company data – and as sponsors of group health...more
Publications & Advisories - November 2024 – Kathleen Benway, Jennifer Everett, Alysa Austin, and Kristen Bartolotta published “Federal Trade Commission’s Updated Health Breach Notification Rule Is Now in Effect” in Employee...more
On November 12, 2024, the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the National Security Agency, along with its security partners in Australia, Canada, New Zealand, and the...more
The conclusion of Cybersecurity Awareness Month is a reminder of the importance for organizations to implement robust security measures and promote good cyber hygiene. As we noted in our State of the Cyber Landscape webinar,...more
On October 15, 2024, the Cyber Security Agency of Singapore (“CSA”) published Guidelines on Securing AI Systems (the “Guidelines”) alongside a Companion Guide for Securing AI Systems (the “Companion Guide”), which is intended...more
Introduction It wouldn't be much of an exaggeration to say that NIS2 is the acronym on everyone's lips. When coupled with its European sister legislation DORA, we encounter a regulatory twosome that make GDPR feel like...more
Cyberattacks powered by artificial intelligence have become more sophisticated as bad actors utilize machine learning to analyze vulnerabilities, automate exploits, and outpace traditional security measures. Through the use...more
Defining the role of inherent risk in cybersecurity - Inherent risk is a concept that while fundamental to cybersecurity, has largely been disregarded by popular cybersecurity risk guidelines and standards and remains arcane...more
Fragile or volatile supply chains, increases in regulatory obligations and enforcement, natural disasters, inflation, political turmoil – all complicated issues for any business to navigate. Among the myriad business...more
Selected U.S. Privacy and Cyber Updates - CISA Posts Notice of Proposed Rulemaking Under CIRCIA - On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) published a notice of proposed rulemaking (NPRM)...more
The HHS Office for Civil Rights (OCR) and other government agencies aren’t just worried that providers understand—and mitigate—the privacy and security risks of telehealth. In fact, in 2022, the Government Accountability...more
The ever-increasing privacy and security risks via third-party vendors and service providers were apparent in 2023 with news of large organizations such as MOVEit, Okta and AT&T being affected. Research has shown that 98...more
New York has released proposed cybersecurity regulations for hospitals. The regulations, which were published in The State Register on Dec. 6 and will undergo a 60-day public comment period ending on Feb. 5, are designed to...more
On May 24, 2023, Microsoft announced the detection of a direct threat to critical infrastructure organizations in Guam and elsewhere in the United States. The alert attributed observed malicious activity to a state-sponsored...more
Join Industry experts Florian Spindler, Manager at KPMG, Claudia Howe, Executive Director of GRC Solutions at Mitratech, and Henry Umney, Director of GRC Strategy at Mitratech as they explore 2023’s current cyber risk...more
Report on Patient Privacy 22, no. 1 (January, 2022) - As the COVID-19 pandemic enters its third year, real “security fatigue” with pandemic-related issues will combine with cybercriminals’ increasingly sophisticated...more
An executive order was signed on May 12, directing the federal government to overhaul its approach to cybersecurity. Corporate compliance and risk management professionals should consider this order carefully — because, in...more
[author: Matt Kelly] In September 2020 the National Institute of Standards and Technology (NIST) unveiled the fifth version of its cybersecurity standard formally known as SP 800-53, “Security and Privacy Controls for...more
The old saying goes, personnel is policy. This may be particularly true at this point in federal cybersecurity policy, where multiple agencies and Congressional committees play changing roles, including expanding capacities...more
Our Virtual Regional Healthcare Compliance Conferences provide updates on the latest news in regulatory requirement, compliance enforcement, and strategies to develop effective compliance programs. Watch, listen, and ask...more
For the second year in a row, Foley & Lardner LLP and PYA hosted a compliance master class on various health-related compliance issues. “Let’s Talk Compliance” is an annual one-day event featuring a panel of presenters that...more