Great Women in Compliance: Movements, Not Mandates with Amy Wilson
Daily Compliance News: May 7, 2025 the Private Lives Edition
Adventures in Compliance: The Novels – A Study in Scarlet, Dr. Watson
Compliance into the Weeds: Settlement of OCC Charges for Wells Fargo Internal Auditors
Innovation in Compliance: Training Synergy: Insights from Compliance and HR Integration with Lori Stahl
Daily Compliance News: May 1, 2025, The 100 Days of Corruption Edition
Daily Compliance News: April 29, 2025, The GenZ/RTO Edition
Daily Compliance News: April 24, 2025, The Made in Malaysia Edition
Navigating 2025: Trends in OFAC and DOJ Enforcement for Digital Assets — The Crypto Exchange Podcast
Daily Compliance News: March 25, 2025, The AI Skills Edition
Because That’s What Heroes Do: Deep Space 9 – Episode 25: Penumbra and Beginning of the Final Arc
Everything Compliance, Shout Outs and Rants: Episode 151, The What is Illegal DEI Edition
Creativity and Compliance: Adding Spice to Compliance Programs
Daily Compliance News: February 26, 2025, The Corrupt World Edition
Daily Compliance News: February 14, 2025, The Valentine’s Day Edition
Podcast - Rewriting the Narrative of Private Equity in Healthcare
FCPA Compliance Report: Strategic ROI - Navigating Export Controls and Compliance
Life With GDPR – Navigating The EU AI Act
Navigating Consumer Protection: The CFPB's Expanding Reach — Payments Pros – The Payments Law Podcast
FCPA Compliance Report: Jonathan Wilson on the Current Status of CTA Litigation
While the US federal government is largely scaling back its rulemaking and compliance efforts, one critical exception is where personal data and technology intersect with national security. Exemplifying this trend, on April...more
Malaysia issued a regulatory guideline for data breach notification in February 2025. This article discusses how the new regulation affects businesses in Malaysia. On 25 February 2025, Malaysia's Personal Data Protection...more
Artificial Intelligence (AI) has been touted as the answer to a multitude of business challenges. However, AI – along with machine learning and large language models (LLMs) – is still fraught with technical and regulatory...more
We explore what trustees need to be aware of when dealing with data and complying with their obligations under the Data Protection (Bailiwick of Guernsey) Law, 2017 and related legislation (the "DP Law")....more
The New York Department of Financial Services has modified its cybersecurity requirements for regulated entities. These requirements are in addition to those included in the regulations as last updated in November of last...more
Cyberattacks powered by artificial intelligence have become more sophisticated as bad actors utilize machine learning to analyze vulnerabilities, automate exploits, and outpace traditional security measures. Through the use...more
For years, the Gramm-Leach-Bliley Act (GLBA) has required financial institutions to maintain reasonable safeguards for consumer data, but has only had limited breach-reporting requirements. To the extent financial...more
The Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) was enacted in 2022 with the primary purpose of preserving national security, economic security, and public health and safety. CIRCIA provides the Director...more
On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (“CISA”) released proposed regulations requiring expansive new cybersecurity incident and ransomware payment reporting across sixteen “critical...more
On Jan. 1, the Corporate Transparency Act (CTA) went into effect, premised on the belief that illicit actors use corporate structures like shell companies and fronts to hide their identities and launder criminal proceeds...more
Threat actors are evolving. Our Privacy, Cyber & Data Strategy Team explains how ransomware gangs have changed their tactics and how companies can respond to the threat while navigating new scrutiny from investors and...more
Introduction: On February 12, 2024, the Federal Communications Commission (FCC) finalized a critical cybersecurity rule, Sec. 64.2011, mandating telecommunications carriers and TRS (Telecommunications Relay Services)...more
In recognition of International Privacy Day on January 28, we wanted to share some insights on the top privacy and cybersecurity issues for the new year. Data privacy and cybersecurity will continue to be one of the most...more
In 2024, businesses will continue to face an evolving landscape of cyber threats, along with an increasingly complex regulatory environment. With heightened scrutiny from regulators, consumers, and investors, the need to...more
The date July 26, 2023, marks the latest evolution of the cybersecurity regulation landscape as the Securities and Exchange Commission passed cybersecurity regulations for publicly traded companies. At the open meeting, SEC...more
This article is the second in a series of articles about Cybersecurity Awareness Month. Throughout October, K2 Integrity will be providing tips and solutions to organizations to commemorate the 20-year anniversary of the...more
On July 26, the Securities and Exchange Commission (“SEC”) finalized a much anticipated rule addressing cybersecurity risk management, strategy, governance, and incident disclosure. Public companies registered with the SEC...more
The Texas Data Privacy and Security Act (TDPSA) became law on June 16, 2023. Texas becomes the 11th state to enact a comprehensive consumer data privacy law, joining California, Virginia, Colorado, Connecticut, Utah, Iowa,...more
In May 2021, Colonial Pipeline, a privately held oil pipeline responsible for nearly half of the oil supply for the U.S. East Coast, was crippled by a DarkSide ransomware attack. DarkSide is widely believed to be a...more
President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) on March 15, 2022. The background and contours of CIRCIA are discussed in a previous update. CIRCIA authorizes and...more
The Indian Computer Emergency Response Team (“CERT-In”) issued Directions on April 28, 2022 “to strengthen the cybersecurity in the country” and that has significant implications for the cybersecurity landscape. Effective...more
The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), signed into law by President Biden in March 2022 as part of the Consolidated Appropriations Act of 2022, will require companies operating in...more
The last few months have seen a flurry of new federal cybersecurity incident reporting requirements and proposals impacting private entities in the financial sector. As the number and frequency of cyber attacks continue to...more
In the wake of Russia’s invasion of Ukraine, and amid growing concerns regarding the threat of increased cyberattacks targeting infrastructure and other critical industries, there has been a flurry of federal activity to...more
President Biden recently signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 as a part of a larger omnibus appropriations bill. The new law sets out mandatory reporting requirements for...more