Legal AI in Practice: Firm Governance, Build vs. Buy Decisions, and Vendor Due Diligence — The Good Bot Podcast
Point-of-Sale Finance Series: Understanding State Licensing for Nonbank Providers — The Consumer Finance Podcast
(Podcast) The Briefing - Studios Beware: The Danger of the Beauty and the Beast Copyright Decision
Innovation in Compliance: Brad Stevens: Part 1 - Transforming Outsource Perceptions
Podcast — EU Data Act: Spotlight on Switching Requirements for Data Processing Services
Compliance into the Weeds: Fracht - The Bonkers Sanctions Case
DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
Cyber law and practice have continued to evolve over the past 12 months. New laws and regulations have been unveiled or come into force, while enforcement authorities have sharpened their focus on issues including board...more
The National Institute of Standards and Technology (NIST) recently released their initial preliminary draft of NIST IR 8596, also known as the Cybersecurity Framework Profile for Artificial Intelligence. This new...more
Cloud computing has been sold as elastic, on-demand access to virtually unlimited resources. However, the rapid growth of data-intensive and artificial intelligence–driven workloads has strained the availability of certain...more
A third-party data breach occurs when malicious actors compromise a vendor, supplier, contractor, or other organization to gain access to sensitive information or systems of the victim’s customers, clients, or business...more
Each year, there is a holiday surge in cyberattacks employing a wide range of attack vectors. This heightened activity can make organizations more vulnerable to legal and regulatory scrutiny. This is a good time to check your...more
The almost daily prevalence of cyber-attacks has brought the issue of cybersecurity as a core governance responsibility to the front of mind of company boards. In 2024 alone, over 15 million cyberattacks were recorded...more
Once a company’s organizational documents are settled, the day-to-day aspects of the company’s operations must be addressed, specifically interactions with its suppliers and customers. Even though the company may be eager to...more
On October 21, 2025, the New York Department of Financial Services ("NYDFS") sent a letter to the executives and information security personnel at covered entities with new guidance for managing technology and data risks...more
Since the enactment of Singapore’s Cybersecurity Act 2018 (Cybersecurity Act), Singapore’s digital economy has grown rapidly, and cyber threats have evolved at a remarkable pace. To address this shifting landscape, the...more
When cyberattacks strike global giants, it’s front-page news. But what about the smaller breaches -- the ones that don’t make headlines? Increasingly, they’re making waves in courtrooms and regulatory enforcement agencies. ...more
Fraud isn't standing still. As everyday digital tools become more powerful, they are also making some of the oldest scams faster and harder to spot. Fraud isn’t standing still As everyday digital tools become more powerful,...more
As 2025 comes to an end, there have been some valuable cybersecurity lessons for businesses. These involve vendor oversight, internal coordination, and incident response plans. Businesses should vow to address them in 2026 if...more
Another type of cyber attack. Operations for Japan-based beverage giant Asahi Group Holdings recently shut down after a cyberattack, causing a ripple effect that extended far beyond its breweries. The incident forced...more
Organizations that rely on third-party vendors for critical operations face unique challenges in managing vendor risks. These external relationships are essential for operational success, but can also create vulnerabilities...more
Ed. Note: This is the fifth article in our series, “Conjuring Competitive Advantage: An AI Spellbook for Leaders,” focused on unlocking AI for business with practical steps and insights. Read Part 1, Part 2, Part 3, and Part...more
On the Rise: Cyberattacks through the supply chain have increased by over 400% in recent years. Leaders need to take action. Enhance Third-Party Cybersecurity: Regularly audit suppliers’ cybersecurity practices and limit...more
OAuth tokens streamline access but create new vulnerabilities that threat actors are exploiting. Learn how to secure token infrastructure through robust monitoring, governance, and vendor management....more
Manufacturing supply chains have become high‑value targets for cybercriminals, facing relentless attacks as the industry remains the most targeted sector for the fourth consecutive year. Supply chain-related attacks have...more
Imagine discovering that half your vendors haven’t been evaluated in a year — or realizing that AI usage across your organization is growing faster than your governance framework can keep up. According to a recent study, this...more
The Financial Stability Board (FSB) has published a report examining how financial authorities can monitor the adoption of AI and assess related vulnerabilities. Building on its 2024 report and drawing on insights from a...more
A new cyber threat, the "Shai-Hulud" worm, has compromised the Node Package Manager (npm) ecosystem, which is widely used by organizations for JavaScript development. This attack has resulted in widespread theft of...more
In a significant strategic move, Best Buy has officially launched a new third-party online marketplace, integrating it into BestBuy.com and in the Best Buy App. This launch more than doubles the retailer’s online product...more
ComplexDiscovery Editor’s Note: The Salesloft Drift breach, which affected over 700 organizations between August 8–18, 2025, marks a defining moment in the evolution of SaaS-related supply chain attacks. With attackers...more
Data breaches are increasing in frequency and cost for U.S. corporations, and businesses in the supply chain are often prime targets for bad actors. It’s critical for suppliers to understand the risk and costs of data...more
The Salesloft Drift breach that unfolded between August 8 and 18, 2025, represents one of the most significant supply chain attacks targeting Software-as-a-Service (SaaS) platforms in recent years. This sophisticated...more