Tariffs and Trade Series: What Senior Management Teams Need to Know
No Password Required: CEO of HACKERverse.ai, Disruptor of Cybersecurity Sales and Most Other Things
Compliance Tip of the Day: Multiplying the Influence of Compliance
Daily Compliance News: May 13, 2025, The Leaving on a Jet Plane Edition
Compliance tip of the Day: Communication Through Persuasion
FCPA Compliance Report: Upping Your Game in Compliance
Episode 368 — LRN Issues New Report Highlighting Growing Gap in Compliance Program Performance
Compliance Tip of the Day: Empowering Middle Managers to Drive Compliance Transformation
Creativity and Compliance: From Compliance Enforcers to Trusted Advisors: The Path Forward
Top Healthcare Compliance Priorities for 2025
Compliance Tip of the Day: Middle Managers as the Eyes and Ears of Compliance
ADA Compliance for Medical and Dental Practices: Responding to Inquiries and Investigations
Innovation in Compliance: Exploring the Intersection of Compliance, Technology, and AI with Ben Sperry
What Every Law Firm Leader Can Learn from Law Day and the Perkins Coie Ruling: On Record PR
Compliance Tip of the Day: Elevating Compliance Through Connected Middle Managers
Compliance into the Weeds: USRA Declination Case Study - Self-Disclosure Best Practices
Compliance Tip of the Day: Middle Managers as Ethical Cornerstones
Understanding Human Trafficking and Modern Slavery: A Business Imperative with Clint Palermo
SBR Author’s Podcast: Understanding Complexity with Dr. Jean Boulton, Part 2: The Power of Simple Principles in Ethics and Compliance
Daily Compliance News: May 6, 2025 the Made in China Edition
Our company experienced a cybersecurity incident. It seemed pretty minor — just a few suspicious emails and an employee’s account being locked. To my dismay, we’re now hearing from our IT team that the issue is more serious....more
The 2024 CrowdStrike outage and the ransomware attack on NHS partner Synnovis hit mainstream news and highlighted the fragility of ICT supply chains and the risks posed by cyber incidents....more
On January 13, 2025, the Securities and Exchange Commission (“SEC”) filed a settled enforcement action against Ashford Inc. (“Ashford” or “the Company”), a company that provides products and services to the real estate and...more
With the onslaught of new privacy, AI and cyber legislation coupled with promises for enforcement and class action litigation, running a well-functioning and flexible privacy and cyber program is increasingly a critical...more
As the digital landscape evolves, so do the threats that accompany it. The rise of artificial intelligence (AI) has fundamentally transformed the nature of cybercrime, enabling attackers to execute more sophisticated and...more
NIS2 (Network and Information Systems Directive 2) is the updated version of the NIS Directive, which the EU first introduced in 2016. The original NIS Directive aimed to enhance cybersecurity across member states by...more
Cyberattacks are affecting every company and sector. Meanwhile, the regulatory landscape is intensifying as the SEC continues to enforce the cyber-risk management disclosure rules. Every day presents a new compliance and...more
Cyber issues are seldom out of the news, from ransomware attacks and espionage to non-malicious outages that cause widespread concern. Organizations need to protect themselves against both current and future risks and...more
On November 14, 2024, the European Commission published the first draft of the General-Purpose AI Code of Practice (the Draft Code). The Draft Code is designed to help providers of general-purpose AI models (GPAI) and...more
Numbers never lie. The second most targeted industry in terms of hacking and breaches is Finance, which was the victim somewhere in the realm of 2,306 to 2,792 cyberattacks in 2023 (depending on the source). With each data...more
We’re back with a deeper dive into the 2024 Data Security Incident Response Report, which features insights and metrics from 1,150+ incidents in 2023. This episode dives deeper into the data, including network intrusions...more
Fragile or volatile supply chains, increases in regulatory obligations and enforcement, natural disasters, inflation, political turmoil – all complicated issues for any business to navigate. Among the myriad business...more
Kennedys and Booz Allen Hamilton are delighted to invite you to our 3 hour webinar on Thursday, June 27, 2024. This half-day seminar features three presentations: Clear and present danger, In the war room, and The fallout....more
The financial services industry has seen a litany of new data privacy and cybersecurity challenges through the first half of 2024. Financial institutions are facing unprecedented compliance hurdles resulting from the...more
With the onslaught of new privacy legislation and cyber threats coupled with upticks in enforcement, running a well-functioning and flexible privacy program is now, more than ever, a critical component of an organization’s...more
The U.S. Securities and Exchange Commission (SEC) adopted final rules in 2023 that are intended to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance and incident reporting by...more
Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more
After an extensive comment period, the SEC announced on July 26 that it was formally adopting new rules for public companies governing cybersecurity disclosures. The rules had generated significant backlash from public...more
In this month’s Privacy & Cybersecurity Update, we examine the newly established data privacy framework between the EU and U.S. and new consumer privacy laws in Oregon and Texas. We also review a court ruling that delayed...more
On July 26, the Securities and Exchange Commission adopted a new rule regarding cybersecurity risk management, strategy, governance, and incident disclosure. The “Cybersecurity Incident Disclosure Rule” will be applicable to...more
Government agencies at the state and federal levels are increasingly training their sights on the cybersecurity resiliency of companies in an array of industries. The US Securities and Exchange Commission has proposed rules...more
As cybersecurity incidents become increasingly complex, your initial response to a potential cybersecurity crisis matters. The decisions that you make in the first 24 to 48 hours of a potential cybersecurity incident can have...more
Our Virtual Regional Healthcare Compliance Conferences provide updates on the latest news in regulatory requirement, compliance enforcement, and strategies to develop effective compliance programs. Watch, listen, and ask...more
In an increasingly interconnected world, cyber risk is firmly at the top of the boardroom agenda, and having an effective data breach response programme is no longer optional. ...more
Economic uncertainty, health and safety, work from home, IT security issues, continuity, and operational resiliency…it is like an intricate pattern of dominos falling over....more