News & Analysis as of

Information Technology Data Security Compliance

Integreon

DORA Compliance Part 2: Addressing Compliance Across Critical Operational Areas

Integreon on

Introduction to DORA and its Implications - As of Jan.17, 2025, the European Union’s Digital Operational Resilience Act (DORA) became enforceable. This new regulatory framework significantly impacts financial institutions and...more

Mitratech Holdings, Inc

IT/DR Plan Spring Cleaning: How to Replace Outdated Policies

Ready to ditch outdated guidelines and adopt a fresh take on your IT Disaster Recovery plans? Spring is the season of renewal, making it the perfect time to refresh not only physical spaces but also strategies and...more

A&O Shearman

ESAs roadmap for designation of critical ICT third-party service providers under DORA

A&O Shearman on

The European Supervisory Authorities (ESAs) have published a roadmap for the designation of critical ICT third-party service providers (CTPPs) under the EU Digital Operational Resilience Act (DORA). The roadmap of key dates...more

A&O Shearman

European Central Bank updates TIBER-EU framework to align with DORA RTS on TLPT

A&O Shearman on

The European Central Bank (ECB) has published an updated version of the threat intelligence-based ethical red teaming framework (TIBER-EU framework) (dated January) to align with the Digital Operational Resilience Act (DORA)...more

Mitratech Holdings, Inc

IT Incident Management Simplified: 5 Strategies for Effective Recovery

Feel confident tackling any threat with a unified incident management approach that integrates roles, communication, and recovery tasks. Small and medium-sized organizations without a disaster recovery plan are 40% more...more

Mitratech Holdings, Inc

BCP & IT/DR: Why Your Business Continuity Strategy Needs Both

Balancing Business Continuity and IT Disaster Recovery is crucial for robust organizational resilience. So, how does your organization integrate both strategies for maximum impact?...more

Sheppard Mullin Richter & Hampton LLP

Data, Deals, and Diplomacy, Part III: DOJ Issues National Security Final Rule with New Data Compliance Obligations for...

On January 8, 2025, the Department of Justice (“DOJ”) published its final rule addressing Executive Order (E.O.) 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data...more

Health Care Compliance Association (HCCA)

With Nod to OCR, Indiana Inks $350K Deal With Dental Firm Following Hack

Recent federal enforcement actions have brought home the lesson that there’s really no acceptable reason for denying a patient timely access to medical records. Last year, for example, the HHS Office for Civil Rights (OCR)...more

A&O Shearman

The EU Cyber Resilience Act - What You Need to Know

A&O Shearman on

The EU Cyber Resilience Act (CRA) entered into force on 10 December 2024. The CRA is the first legislation of its kind in the world that aims to enhance the cyber security of products or software with a digital component...more

Faegre Drinker Biddle & Reath LLP

EU Digital Operational Resilience Act Priorities for 2025

Background - The Digital Operational Resilience Act (DORA), a European Union (EU) regulation that is set to transform how financial entities and their information technology (IT) service providers manage operational risks,...more

Jackson Lewis P.C.

FAQs for Schools and Persons Affected By the PowerSchool Data Breach

Jackson Lewis P.C. on

A massive data breach hit one of the country’s largest education software providers. According to EducationWeek, PowerSchool provides school software products to more than 16,000 customers, largely K-12 schools, that serve 50...more

Ankura

The Evolution of Password Management

Ankura on

In today's digital landscape, robust password management is critical to information security. With the increasing complexity of cyber threats, ensuring secure access to sensitive information has become more critical than...more

Venable LLP

Offensive Security Under the EU Digital Operational Resilience Act (DORA)

Venable LLP on

The Digital Operational Resilience Act (DORA) regulation is part of the European Union’s (EU) strategy to enhance the overall stability of the EU financial system by ensuring that financial entities are resilient to digital...more

The Volkov Law Group

Dancing on the Head of a Pin: Corporate Boards, Committees and Cybersecurity Risk Management

The Volkov Law Group on

No one was surprised when compliance and risk publications cited cybersecurity as the number one risk that corporations face today.  While this is a relatively simplistic and head-line grabbing statement, the truth remains...more

Opportune LLP

On-Prem Servers vs Azure Cloud: Choosing the RightAngle…

Opportune LLP on

In today's digital landscape, businesses face a choice when implementing RightAngle, do they use their existing on-prem servers and infrastructure, or do they create a new infrastructure and provision servers for the...more

Health Care Compliance Association (HCCA)

Privacy Briefs: November 2023

Report on Patient Privacy 23, no. 11 (November, 2023) The American Hospital Association (AHA) is urging federal lawmakers to intervene with the HHS Office for Civil Rights (OCR) so that hospitals and health systems can...more

Skadden, Arps, Slate, Meagher & Flom LLP

What Does the SEC’s Complaint Against SolarWinds Mean for CISOs and Boards?

On October 30, 2023, the SEC filed a litigated complaint against SolarWinds, a software development company, and Timothy Brown, its chief information security officer (CISO). The SEC alleges that from October 2018, when...more

HaystackID

[Webcast Transcript] M365 for Law Firms and Lawyers: Purview Premium eDiscovery and Security, Capabilities and War Stories

HaystackID on

Editor’s Note: In a rapidly evolving technological landscape, understanding the capabilities and limitations of platforms like Microsoft 365 (M365) is crucial for law firms, especially in the realms of eDiscovery and...more

The Volkov Law Group

The Cyber Compliance Imperative: Bringing Employees Together with Technology (Part III of IV)

The Volkov Law Group on

It is easy to get lost in the technology world of cyber security – the information technology business relies on lots of acronyms, techno-speak and function-specific terminology.  In responding to a cyber and data security...more

American Conference Institute (ACI)

The Role of Artificial Intelligence in Ephemeral Messaging

As U.S. regulators and enforcement authorities alike become increasingly focused on corporate oversight practices of their employees' use of third-party messaging applications, including ephemeral messaging, companies should...more

J.S. Held

Water Cybersecurity? EPA Mandates Regulations to Prevent Cyberattacks on Public Water Systems

J.S. Held on

EPA Aims to Mitigate Risk of Cyberattack on Public Water Systems On March 3, 2023, the U.S. Environmental Protection Agency (EPA) issued its Memorandum Addressing Public Water System (PWS) Cybersecurity in Sanitary Surveys or...more

BCLP

Cyber laws will be updated to boost UK’s resilience against online attacks

BCLP on

The UK government confirmed on 30 November 2022 that there will be changes to the UK’s cybersecurity regulations in response to a public consultation launched earlier this year. This follows recent updates relating to the...more

HaystackID

[Webinar] CFIUS Compliance: Your Organization’s Growth and Investment Strategy May Be a Matter of National Security - July 27th,...

HaystackID on

The Committee on Foreign Investment in the United States (CFIUS) is a U.S. government interagency committee with the responsibility to review foreign investments in U.S. businesses and real estate transactions for national...more

NAVEX

The Complicated Tango of Compliance & Cybersecurity

NAVEX on

A ransomware attack is no company’s idea of a good time, but I do sense one positive development emerging from the epidemic of attacks we’ve witnessed this year: Boards and senior management agree that they must move beyond a...more

Society of Corporate Compliance and Ethics...

[Event] 20th Annual Compliance & Ethics Institute - September 19th - 22nd, Las Vegas, NV

SCCE’s Compliance & Ethics Institute is the primary educational and networking event for compliance and ethics professionals worldwide. Leading industry professionals cover real‑world compliance issues, emerging trends, and...more

52 Results
 / 
View per page
Page: of 3

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide