Treating Compliance Like an Asset
When DEI Meets the FCA: What Employers Need to Know About the DOJ’s Civil Rights Fraud Initiative
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 241: Fighting Nurse Burnout with Data-Driven Innovation with Dr. Ecoee Rooney of Indicator Sciences
Compliance Tip of the Day: Assessing Internal Controls
Daily Compliance News: July 7, 2025 the Disaster on the River Edition
Multijurisdictional Employers, P2: 2025 State-by-State Updates on Non-Compete/Non-Solicitation Agts
10 For 10: Top Compliance Stories For the Week Ending June 28, 2025
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Episode 30 - Inaugural Episode with Ian Sherr: Compliance Week’s Insights and Reflections from June to July 2025
How International Companies Can Prepare for July 9 Tariffs
The Dark Patterns Behind Corporate Scandals
Compliance Tip of the Day: COSO Objective 4 - Control Information and Communication
Daily Compliance News: June 26, 2025, The? Matt Galvin Honored Edition
Current Regulatory, Legislative, and Litigation Developments on ADA Website Accessibility for Consumer Finance Digital Platforms — The Consumer Finance Podcast
Hospice Insights Podcast - Election Inspection: Be Proactive to Avoid Costly Election Statement Denials
Compliance into the Weeds: Boeing’s New Safety Initiatives and Compliance Reforms
Compliance Tip of the Day: COSO Objective 3 – Control Activities
Legal Shifts in 2025 Put Employer Non-Compete Strategies at Risk - Employment Law This Week® - Spilling Secrets Podcast
Summer Strategies for Work Success
As tensions flare in the Middle East, speculation is growing over the potential impacts of Iranian cyberattacks targeting US based companies and infrastructure. We saw similar reactions in 2020 following the death of the head...more
On March 12, 2025, a joint cybersecurity advisory was issued by the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the Multi-State Information Sharing and Analysis Center to advise...more
On February 19, 2025, the Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC), issued...more
On October 16, 2024, the New York State Department of Financial Services (NYDFS) released guidance highlighting the cybersecurity risks associated with artificial intelligence (AI) and how covered entities regulated by NYDFS...more
In the continuously evolving landscape of cyber threats, organizations must be proactive in identifying and mitigating potential risks to their digital assets and operations. A critical step in building cyber resilience is...more
Editor's Note: The convergence of CYE's and Surfshark's analyses reveals a critical juncture in the fight against cyber threats. With the U.S. leading global data breaches and businesses facing significant insurance coverage...more
Pursuant to President Biden’s October 2023 AI executive order, the US Department of Treasury (Treasury) released a report on cybersecurity risks in the financial services sector in March 2024. While recognizing the...more
On May 24, 2023, Microsoft announced the detection of a direct threat to critical infrastructure organizations in Guam and elsewhere in the United States. The alert attributed observed malicious activity to a state-sponsored...more
In late September, two subcommittees of the U.S. House of Representatives held a joint hearing on responding to ransomware attacks. The hearing—held by the Subcommittee on Cybersecurity, Information Technology, and Government...more
Researchers at WithSecure cybersecurity firm have seen two malware attacks against Veeam Backup and Replication servers believed to be initiated by cybercrime group FIN7, also known as Carbon Spider, which has also been...more
Ransomware has been one of the top cyber threats in the past several years. Thanks to the WannaCry attack of 2017 and others, most people have heard of this type of cyber threat, but many do not know how it works, how to...more
It’s a cold, hard fact that hackers don’t really care about their victims or their victims’ data or business. They are greedy, evil human beings that just want the money....more
Moving towards more predictive postures, leveraging multiple sources of information such as cyber threat, business, and geopolitical intelligence, allow organizations to gain a better handle on crises before they occur. By...more
In its April 27 Weekly Update, the Financial Industry Regulatory Authority’s (“FINRA”) National Cause and Financial Crimes Detection program urged FINRA member firms to review a cyber-threat alert arising from Russia’s...more
It may seem that the very term “ransomware” wasted little time going from “newish-sounding threat” to expected, constant presence in the news and IT meetings alike. But, of course, it’s ultimately just a modern word for one...more
As summarized in the first installment of our two-part blog series, President Biden recently issued a sweeping Executive Order aimed at improving the nation’s cybersecurity defense. The Order is a reaction to increased...more
On January 27 and 28, 2021, the U.S. Department of Justice (DOJ) announced two successful operations to disrupt two different strains of malware, Netwalker ransomware and a banking Trojan known as Emotet, which have affected...more
Our Virtual Regional Compliance Conferences provide updates on the latest news in regulatory requirements, compliance enforcement, and strategies to develop effective compliance programs. Watch, listen, and ask questions from...more
Emotet, arguably one of the most active malware threats of the past five years, took a bit of a break during the summer months to receive an update and has returned now as a Windows Update attachment....more
The UK National Cyber Security Centre and Canada’s Communications Security Establishment released an advisory linking APT29 (also known as, ‘the Dukes’ or ‘Cozy Bear’) to attacks against COVID-19 vaccine development in...more
Human resources can no longer just rely on their IT and legal counsel to focus on the concerns and issues surrounding cyberattacks. As more companies re-open and unemployment rates grow, cyber criminals are continuing to...more
Disruptionware is defined by the Institute for Critical Infrastructure Technology (ICIT) as a new and “emerging category of malware designed to suspend operations within a victim organization through the compromise of the...more
Cybersecurity compliance, like the compliance profession, is rapidly growing. The forces pushing cyber compliance are two-fold: the ever-increasing and changing nature of cyber threats and harms, and the logical application...more
Malware was recently identified that appears to have been designed and deployed by a nation-state to target and shut down electric grids. According to published reports, this malware currently appears to be capable of...more
We have read multiple reports on WannaCry and if you are reading this and don’t know what WannaCry is, Google it for the background story. The clear message is this is not the last major attack we will see, and future attacks...more