Because That’s What Heroes Do: Deep Space 9 – Episode 30: Deep Trek Themes from Tacking into the Wind
Breaking Down the Shifting Vaccine Policy Landscape – Diagnosing Health Care Video Podcast
Compliance Tip of the Day: Leveraging AI for Real-Time Third-Party Risk Management
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
Innovation in Compliance: Design-Centric Compliance Training with Karen Oddo
Compliance Tip of the Day: AI and Predictive Analytics
FCPA Compliance Report: Kristy Grant-Hart on A 360° Review of the Future of Compliance
Great Women in Compliance: Creating Space to Speak Up: The Story Behind Psst.org
Daily Compliance News: April 23, 2025, The R-E-S-P-E-C-T Edition
Aligning Business Goals with Legal Strategies Amid Regulatory Change – Speaking of Litigation Video Podcast
Compliance Tip of the Day: Embedded Compliance
AI in Employment: Navigating the Legal Landscape with Lessons from I, Robot — The Good Bot Podcast
Innovation in Compliance: Strategic Compliance in Regulated Industries with Kerri Reuter
Daily Compliance News: April 22, 2025, The Upping Your Game Edition
Insider Strategies for Wage and Hour Compliance Success: One-on-One with Paul DeCamp
Compliance Tip of the Day: The Role of Supply Chain and Compliance in Tariffs
Innovation in Compliance: The Strength Trap: When Being the Strong One Starts Breaking You – Part 3: Mastering Stress Communication with the C.A.R.E.S. Framework
Daily Compliance News: April 17, 2025, The Musk Fights BEE's Edition
Daily Compliance News: April 16, 2025, The Fired by AI Edition
Compliance Tip of the Day: Role of Compliance in Upcoming Trade Wars
As of April 1, 2025, all merchants and third-party service providers (TPSPs) involved in processing credit or debit card payments must fully adhere to the enhanced security requirements outlined in the Payment Card Industry...more
On March 24 2025, the European Commission (EC) adopted the final draft Delegated Regulation setting out Regulatory Technical Standards (RTS) for subcontracting ICT services supporting critical or important functions under the...more
EU national supervisory authorities will collect the Register of Information (ROI) pursuant to the EU’s Digital Operational Resilience Act (DORA) from in scope financial entities in April 2025, with the reference date set as...more
As part of Data Privacy Awareness Week, Ward and Smith is spotlighting the most common types of data breaches that businesses encounter. In Part 1, we explored the industries most vulnerable to cyberattacks, highlighting the...more
The European Union’s Digital Operational Resilience Act (DORA) came into effect on January 17, 2025. DORA aims to harmonise rules concerning the provision of information and communication technology (ICT) services to...more
It is no secret that ransomware dominates headlines, and cybersecurity incidents have become part of our everyday language. However, the criminal “business model” behind ransomware keeps evolving. Originally published in...more
After a two-year implementation period, the EU Digital Operational Resilience Act (DORA) takes effect on 17 January 2025. DORA is part of the EU’s Digital Finance Package and aims to strengthen the financial sector’s...more
The EU Digital Operational Resilience Act (“DORA”) is due to apply from 17 January 2025. It is designed to ensure regulated financial entities can withstand and recover from technology issues such as cyber events and...more
Compliance and Regulations - Ensure adherence to SEC regulations with appropriate privacy and cybersecurity policies tailored to SEC requirements....more
The questions below are intended to help in-house counsel obtain the most important information related to technology projects so they can evaluate risks to the company’s data, intellectual property, and commercial interests,...more
The global cyber threat landscape is rapidly evolving. The number of attacks, threat vectors, and endpoints continues to grow exponentially alongside the average time to detect and respond to a security incident. Today,...more
In a blog post entitled “New activity from Russian actor Nobelium,” Microsoft’s V.P. of Customer Security & Trust Tom Burt discussed a recent alert issued by the Microsoft Threat Intelligence Center (MSTIC) regarding the...more
Vendor risk management (VRM), or third-party risk management, is the management, monitoring, and evaluation of risks that result from third-party vendors and suppliers of products and services. It’s a crucial initiative...more
As the use of Microsoft Teams has exploded, compliance officers, information governance professionals, and other risk management decision-makers must determine whether they have the right tools to secure the information that...more
Keypoint: New York’s Division of Financial Services (DFS) now requires Property and Casualty Insurers writing cyber insurance to comply with the Division’s Cyber Insurance Risk Framework to manage their risk. In her...more
Modern business requires the engagement of professional services providers, such as IT services, marketing, software, data hosting, or other needed services. Far too often, though, the agreements governing these relationships...more
Among the many other hard lessons the COVID-19 pandemic has been teaching businesses, there’s this one: Vendor risk management has become even more complex than before. Frighteningly complex, in fact, making it even more...more
Data breaches are a hot topic and will undoubtedly get even hotter. Cybersecurity for your own enterprise isn’t enough — you must evaluate your vendors and determine if they’re prepared to resist cyberattacks. ...more
Developing Contingency Plans: The NYDFS Mandate on Licensed Virtual Currency Businesses - The events surrounding COVID-19 have increased the use of fintech products, both out of necessity and convenience. Shelter-in-place...more
The NYDFS has announced that it has extended the deadline for compliance with certain cybersecurity requirements due to the coronavirus emergency. The announcement from the Superintendent of Financial Services of the State...more
The California Consumer Privacy Act (CCPA) imposes a broad array of new legal obligations on businesses to inform consumers about the categories of personal information being collected online and how it will be used....more
We all know that businesses rely on a large number of third-party vendors to support their business operations. Many of these third parties require access to a company’s data and its internal information and technology...more
On September 4, 2018, the third stage of compliance deadlines under the New York Department of Financial Services’ (DFS) expansive cybersecurity regulation went into effect....more
Most companies today use some form of cloud computing whether through software-as-a-service, platform-as-a-service, or infrastructure-as-a-service. Cloud computing’s cost-effective scalability can offer significant advantages...more
South Carolina has become the first state to enact a version of the Insurance Data Security Model Law, which was drafted by the National Association of Insurance Commissioners (NAIC) in 2017. Governor Henry McMaster signed...more