Healthcare Enterprise Risk Management
Managing Sanctions Compliance
Regulatory Ramblings: Episode 68 - Why Geopolitical Risk Matters to Compliance and Legal Staff with Mark Nuttal and Chad Olsen
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
Episode 364 -- Five Strategies to Mitigate a New Risk Environment
Strengthening Compliance: Lessons From the OCC's Consent Order With Patriot Bank — Payments Pros – The Payments Law Podcast
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Compliance Tip of the Day: Superforecasting
Compliance Tip of the Day: The Last Mile
Key Takeaways From the OIG's New Compliance Guidance for Nursing Facilities — Assisted Living and the Law Podcast
Envisioning a Compliant Workforce
Updating the Research Compliance Handbook
The Election's Impact on the FTC Will Bring Big Changes, But Being Vigilant Must Remain a Priority
Navigating the NYDFS' Cybersecurity Guidance on AI — The Consumer Finance Podcast
The Future of AI Regulation and Legislation: 5 Key Takeaways
Investigations and Cognitive Interviews
Fraud Prevention Techniques for Nonprofit Organizations - Part 3
Steps Your Nonprofit Can Take to Mitigate Fraud Risks - Part 2
A Third Party's Perspective on Third Party Risk
Implications of the SEC Cybersecurity Disclosure Rule
Cybersecurity in 2025 will continue to face escalating challenges from AI-driven threats, geopolitical tensions, and increased regulatory scrutiny. Organizations must adapt to sophisticated cyberattacks fueled by AI,...more
On November 14, 2024, the Department of Homeland Security (“DHS”) announced a set of voluntary recommendations called the “Roles and Responsibilities Framework for Artificial Intelligence in Critical Infrastructure”...more
Critical Infrastructure Protection/EPA Urgently Needs a Strategy to Address Cybersecurity Risks to Water/Wastewater Systems: GAO Issued Report - The United States Government Accountability Office (“GAO”) released on August...more
Information sharing has seemed like the “holy grail” of federal cyber policy: sought after but elusive, especially to those who think it will solve their problems. At a time of increased regulation and looming mandates for...more
The Department of Homeland Security’s Transportation Security Administration (“TSA”) has issued an amended directive on pipeline security, SD-Pipeline-2021-02D (the “Directive”). The Directive is based on and supersedes the...more
It has been over a year since the Colonial Pipeline cybersecurity incident, and the Department of Homeland Security’s Transportation Security Administration (“TSA”) continues to issue cybersecurity directives to owners and...more
As the adoption of 5G technology by many private and public organizations approaches, assessments are being put in place to evaluate whether federal agencies can operate with 5G technology. Regulation agencies in...more
The U.S. Cybersecurity & Infrastructure Agency (CISA) has issued a rare “shields up” warning regarding cybersecurity attacks, saying that every organization, of every size, should be prepared to respond to disruptive cyber...more
On 21 September 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an updated advisory that highlights the sanctions risks associated with making ransomware payments. OFAC reiterated...more
The Transportation Security Administration (TSA) on July 20, 2021, reversed two decades of pipeline cybersecurity policies. Having previously advocated for voluntary pipeline cybersecurity standards, the TSA quickly issued...more
Less than a month after the high-profile ransomware attack against Colonial Pipeline, the Department of Homeland Security's (DHS) Transportation Security Administration (TSA) has issued its first-ever set of mandatory...more
On May 27, 2021, against the backdrop of the Colonial Pipeline cybersecurity incident, the Department of Homeland Security’s Transportation Security Administration (“TSA”) announced Security Directive Pipeline-2021-01...more
The old saying goes, personnel is policy. This may be particularly true at this point in federal cybersecurity policy, where multiple agencies and Congressional committees play changing roles, including expanding capacities...more
In recognition of National Cybersecurity Awareness Month, each week this October, we will highlight a different step that organizations can take to increase awareness of potential cyber threats, reduce the risk of a cyber...more
• DoD and other government agencies will scrutinize contractors’ supply chain security plans and programs from proposal submission to contract closeout. • The 2019 NDAA as approved by Congress and DHS initiatives highlight...more
Cybersecurity risks to the health and medical device sector continue to be front and center both in Congress and the executive branch, with increasing risks coming from nation states, nonstate actors and other attackers. The...more
Two provisions of the Cybersecurity Act of 2015—the Federal Cybersecurity Enhancement Act and the Federal Cybersecurity Workforce Assessment Act?task the Department of Homeland Security (“DHS”) and the Office of Management...more
The maritime industry may beone of the oldest in the world, but in-depth reports issued by the United States Accountability Office (“GAO”) and the European Network and Information Security Agency (“ENISA”) confirm that our...more
On February 12, 2013, President Obama signed both an executive order and a presidential directive that together set forth the administration’s approach to two key cybersecurity related issues: (i) regulating critical...more