News & Analysis as of

Risk Assessment Information Technology

EDRM - Electronic Discovery Reference Model

[Webinar] Data Risk & Resilience Part IV - Data Deletion Dilemma: A Unified Approach to Defensible Data Disposal - September 26th,...

Data Resilience Masterclass: Navigating the Risks of the Digital Age - Data Risk and Resilience is a critical topic for modern businesses, especially within industries that handle vast amounts of sensitive information....more

Warner Norcross + Judd

Managing Cybersecurity Risk for Family Offices and Businesses

Warner Norcross + Judd on

Whether caused by family member thoughtlessness, employee error or the acts of a skilled data thief, everyone is likely to be the victim of an information breach at some point. A cyberattack on a family office or family...more

K&L Gates LLP

Digital Operational Resilience in the Financial Services Sector: EU and UK Update

K&L Gates LLP on

With under six months to go until the European Union Digital Operational Resilience Act (DORA) becomes applicable on 17 January 2025, DORA implementation projects are running full steam ahead. DORA lays down uniform...more

Orrick, Herrington & Sutcliffe LLP

RegFi Episode 42: Beyond the Breach: The CISO’s Role as a Strategic Risk Manager

RegFi co-hosts Jerry Buckley and Sherry Safchuk welcome Orrick partner Aravind Swaminathan for a conversation exploring the critical and evolving role of the Chief Information Security Officer in today’s corporate landscape.....more

StoneTurn

Building a High Trust Organisation

StoneTurn on

In a high trust organisation each member can be relied upon to demonstrate behaviours which foster transparency, good decision making and delivery of the shared vision without a large controlling overhead. It’s rare in...more

EDRM - Electronic Discovery Reference Model

What Everyone Gets Wrong About Inherent Risk, and Why it Really Matters

Defining the role of inherent risk in cybersecurity - Inherent risk is a concept that while fundamental to cybersecurity, has largely been disregarded by popular cybersecurity risk guidelines and standards and remains arcane...more

Woods Rogers

DoD Unveils Cybersecurity Strategy for Defense Industrial Base: What You Need to Know

Woods Rogers on

The United States Department of Defense (“DoD”) recently published its Defense Industrial Base Cybersecurity Strategy 2024. For context, the DIB is comprised of more than 100,000 domestic and foreign companies or...more

Benesch

Export Controls Evolving for Infosec Threats to Cloud, SaaS, IaaS, AI Platforms

Benesch on

The growth of cloud services, Software-as-a-Service (“SaaS”) and Infrastructure-as-a-Service (“IaaS”) arrangements, Artificial Intelligence (“AI”) models, and increased reliance on the use outsourced technology service...more

Society of Corporate Compliance and Ethics...

Third-party due diligence: Are supplier questionnaire(s) the answer?

Numerous laws (U.K. Bribery Act guidance document, German Supply Chain Act, Foreign Corrupt Practices Act resource guide, OECD Due Diligence Guidance for Responsible Supply Chains of Minerals from Conflict-Affected and...more

Jones Day

NYDFS Expands Cybersecurity Regulations: Extortion Payment Reporting, Corporate Governance, and Technical Requirements

Jones Day on

A major amendment to the New York State Department of Financial Services' cybersecurity regulations establishes affirmative cybersecurity oversight duties and requires companies to report extortion payments to the agency....more

Orrick, Herrington & Sutcliffe LLP

RegFi Episode 8: The Technological Path to Outcomes-Based Regulation with Matt Van Buskirk

Matt Van Buskirk, co-founder of Hummingbird Regtech, joins RegFi hosts Jerry Buckley and Sherry Safchuk for a conversation about the importance of equipping regulators and in-house compliance teams with the tools and...more

Jackson Lewis P.C.

Importance of Protecting Employee Information as Privacy and Cybersecurity Laws Proliferate

Jackson Lewis P.C. on

Most human resources professionals are concerned about the privacy and security of the vast amounts of personal information they manage. This article discusses steps to consider taking against the challenges. Deluge of...more

Dunlap Bennett & Ludwig PLLC

The Complexity Of Digital Privacy Law—Insights And Implications

The digital age has ushered in a host of transformative opportunities for businesses, from enhanced customer engagement through data analytics to streamlined operations via digital platforms. However, this digital...more

Foley Hoag LLP - Global Business and Human...

A Human Rights Impact Assessment of Microsoft's Enterprise Cloud and AI Technologies Licensed to U.S. Law Enforcement Agencies

Microsoft is one of the world’s leading technology companies. Its products and technologies are in offices, classrooms, and homes. Additionally, governments use them to help conduct vital public services. Microsoft is also...more

Dunlap Bennett & Ludwig PLLC

The Role Of A Cybersecurity Law Firm In Safeguarding Digital Assets

In today’s digital landscape, organizations face numerous cybersecurity threats that can compromise their valuable digital assets, including their data, IT infrastructure, networks, software, and intellectual property (IP)....more

NAVEX

Artificial Intelligence – The Next Frontier of GRC Management

NAVEX on

It’s safe to say that there could be a whole series dedicated to Artificial Intelligence (AI) and the various use cases and ramifications of such groundbreaking technology. While there are ethical considerations, security...more

J.S. Held

Water Cybersecurity? EPA Mandates Regulations to Prevent Cyberattacks on Public Water Systems

J.S. Held on

EPA Aims to Mitigate Risk of Cyberattack on Public Water Systems On March 3, 2023, the U.S. Environmental Protection Agency (EPA) issued its Memorandum Addressing Public Water System (PWS) Cybersecurity in Sanitary Surveys or...more

J.S. Held

Cyber Hygiene in 2023: Part 1 – Getting Buy-In from Users

J.S. Held on

As we progress through 2023, both new and old cyber challenges remain, but opportunities for improvement are present. For the upcoming year, assume the following: 1. Past challenges have not been overcome, and we still...more

Burr & Forman

Cybersecurity Checklist for Vendor Management – Vendor Security

Burr & Forman on

By now, you have heard many news stories about debilitating cyberattacks that started with the compromise of a vendor's systems and ultimately wreaked havoc on that vendor's customers. As a result, many businesses are seeking...more

Polsinelli

Cybersecurity Awareness Means, at a Minimum, Doing the Basics (Again and Again)

Polsinelli on

On September 30, 2022, the White House kicked off Cybersecurity Awareness Month by reminding citizens of the impacts cyberattacks can have on critical infrastructure such as “electric grids and fuel pipelines … and many other...more

Pietragallo Gordon Alfano Bosick & Raspanti,...

Requirements of Cybersecurity Expert Testimony in the Third Circuit

Takeaway: In many data breach cases, a cybersecurity expert may evaluate whether the company’s security measures were reasonable and appropriate or, alternatively, if the company lacked the requisite technology to detect a...more

Epiq

Elevating Cyber Risk Analysis During M&A Due Diligence

Epiq on

Before a deal closes on a merger or acquisition, due diligence investigation will ensue to confirm goal alignment and identify any obstacles present. There are several integral components of this process such as identifying...more

Vinson & Elkins LLP

Guidance 3.0: TSA Issues a Third Directive on Pipeline Security

Vinson & Elkins LLP on

It has been over a year since the Colonial Pipeline cybersecurity incident, and the Department of Homeland Security’s Transportation Security Administration (“TSA”) continues to issue cybersecurity directives to owners and...more

Porter Hedges LLP

Cybersecurity Risk Management Practices for Small and Midsize Businesses

Porter Hedges LLP on

Cybersecurity is the goliath of tech-related concerns for companies of all sizes, not just large corporations. The Cybersecurity & Infrastructure Security Agency (“CISA”) encourages small and midsize businesses to focus on...more

NAVEX

Your Questions, Answered: Assessing and Maturing Third-Party and IT Risk Management Programs

NAVEX on

Recently, NAVEX hosted a webinar featuring Carol Williams, CEO and principal consultant at Strategic Decision Solutions where she discussed best practices on how to assess and mature third-party and IT risk management...more

70 Results
 / 
View per page
Page: of 3

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide