Rethinking Records Retention
Compliance Tip of the Day: Internal Controls for GTE
Work This Way: A Labor & Employment Law Podcast | Episode 48: Opportunities & Risks with Artificial Intelligence in HR with Chingwei Shieh of GE Power
Handling References and Referrals While Safeguarding Your Business
Healthcare Enterprise Risk Management
Hospice Insights Podcast - Still Number One: Healthcare Fraud Remains Central in DOJ’s White Collar Enforcement Plan
Importance of Compliance Management in times of transition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
Law Firm ERGs Under Scrutiny: Navigating Compliance, Risk, and Culture - On Record PR
Your Guide to Dealing with Subpoenas Effectively
Upping Your Game: Harnessing AI to Revolutionize Third-Party Risk Management
The Future of Supply Chains: Chris Andrassy on Using AI to Predict & Prevent Disruptions
Navigating Legal Strategies for Covering GLP-1s in Self-Insured Medical Plans — Employee Benefits and Executive Compensation Podcast
Podcast: Addressing Patient Complaints About Privacy Violations
London Partner Roberta Downey Wired for Disputes: Tech, Infrastructure, and the New Frontier of Risk
Compliance Amidst a Global Consensus Breakdown
Compliance Tip of the Day: Discipline and Rigor in GTE Internal Controls
Great Women in Compliance: Board Bond - Why Ethics & Compliance Professionals Should Be on Boards and How to Get on One
Daily Compliance News: May 28, 2025, The Moron Premium Edition
Compliance Tip of the Day: What are Internal Controls?
On March 12, 2025, a joint cybersecurity advisory was issued by the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the Multi-State Information Sharing and Analysis Center to advise...more
On February 19, 2025, the Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC), issued...more
As the manufacturing sector continues to embrace the hyper-connected era of Smart Manufacturing, known as Industry 4.0, more and more organizations are integrating advanced automation, artificial intelligence (AI), the...more
In late September, two subcommittees of the U.S. House of Representatives held a joint hearing on responding to ransomware attacks. The hearing—held by the Subcommittee on Cybersecurity, Information Technology, and Government...more
On October 12, 2023, the Health Sector Cybersecurity Coordination Center (HC3) issued an Alert to the healthcare industry about a “new threat actor and ransomware,” NoEscape, which is threatening health care organizations....more
Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more
Researchers at WithSecure cybersecurity firm have seen two malware attacks against Veeam Backup and Replication servers believed to be initiated by cybercrime group FIN7, also known as Carbon Spider, which has also been...more
It is safe to say that Board members, CEOs and other key decision-makers everywhere, recognize the significance of cyber risk management and the heavy investment that initiatives in this field represent. Cyber risks in the...more
Ransomware has been one of the top cyber threats in the past several years. Thanks to the WannaCry attack of 2017 and others, most people have heard of this type of cyber threat, but many do not know how it works, how to...more
It’s a cold, hard fact that hackers don’t really care about their victims or their victims’ data or business. They are greedy, evil human beings that just want the money....more
It may seem that the very term “ransomware” wasted little time going from “newish-sounding threat” to expected, constant presence in the news and IT meetings alike. But, of course, it’s ultimately just a modern word for one...more
As summarized in the first installment of our two-part blog series, President Biden recently issued a sweeping Executive Order aimed at improving the nation’s cybersecurity defense. The Order is a reaction to increased...more
Ransomware Particularly Inflicts Health Care and Life Sciences Organizations - Ransomware is a malicious cyber threat vector that employs encryption malware to prevent users from accessing their systems and data unless...more
Find out why the cyberattack on Colonial Pipeline will have broad implications on how the energy industry defends and responds to future incidents....more
If you had never heard of the Colonial Pipeline Company before this week, chances are that you have heard about it now. Sitting in your car waiting in long lines to fill up at your local gas station hoping they don’t run out...more
On January 27 and 28, 2021, the U.S. Department of Justice (DOJ) announced two successful operations to disrupt two different strains of malware, Netwalker ransomware and a banking Trojan known as Emotet, which have affected...more
Our Virtual Regional Compliance Conferences provide updates on the latest news in regulatory requirements, compliance enforcement, and strategies to develop effective compliance programs. Watch, listen, and ask questions from...more
Never let a crisis go to waste. This appears to be the maxim of cyber criminals seeking to capitalize on cyber vulnerabilities posed by the COVID-19 pandemic. In fact, the United States Cybersecurity and Infrastructure...more
Users of Universal Health Services (UHS), one of the largest healthcare systems in the country, recently lost access to electronic medical records when UHS suffered a ransomware attack and took its systems offline to...more
We spend a lot of time reporting on ransomware because we are seeing more incidents than ever before, and our readers comment that keeping them up to date on ransomware tactics is helpful. The ransomware gangs, strains and...more
Cybersecurity does not just pose technical challenges; companies must always keep their eye on the human component of cyber risk. For example, even the most damaging and sophisticated hacks – such as the recent Twitter hacks...more
The SEC’s Office of Compliance and Examinations (OCIE) issued a risk alert on July 10 about its observation of an apparent increase in sophistication of ransomware attacks on SEC registrants, including broker-dealers,...more
Beazley Cites Ransomware as the Top Threat for Cyber-Attacks in 2020 - Insurance provider Beazley has issued a report (free registration required) detailing the landscape of cyber-attacks over the past year. The report...more
At the end of January, the U.S. Securities and Exchange’s Office of Compliance Inspections and Examinations (OCIE) released its “Observations on Cybersecurity and Resiliency Practices” (Observations)....more
Researchers at Sentinel One and Dragos have detected malicious code, called EKANS or Snake, that has been designed specifically to target industrial control systems (ICS), including those of oil refineries, manufacturing...more