Legal AI in Practice: Firm Governance, Build vs. Buy Decisions, and Vendor Due Diligence — The Good Bot Podcast
Point-of-Sale Finance Series: Understanding State Licensing for Nonbank Providers — The Consumer Finance Podcast
(Podcast) The Briefing - Studios Beware: The Danger of the Beauty and the Beast Copyright Decision
Innovation in Compliance: Brad Stevens: Part 1 - Transforming Outsource Perceptions
Podcast — EU Data Act: Spotlight on Switching Requirements for Data Processing Services
Compliance into the Weeds: Fracht - The Bonkers Sanctions Case
DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
Outsourcing strategies in 2026 are being shaped by persistent disruption. Geopolitical uncertainty, major service outages, talent disruption, and post COVID-19 consolidation initiatives are driving a renewed focus on...more
On January 29, 2026, the Federal Communications Commission’s (“FCC” or the “Commission”) Public Safety and Homeland Security Bureau issued a Public Notice (DA 26-96) to highlight best practices that communications providers...more
Property and casualty insurers manage high volumes of regulated, document-driven communications, including policies, endorsements, billing statements, and legally required notices, that must be produced and delivered...more
From my perspective, hopefully a reasonable one, there is a little too much AI-Risk Hype. Not to belittle the experts or ignore potential risk concerns but this is getting a little carried away....more
Ransomware attacks continue to evolve in sophistication, disrupting operations and commanding the urgent attention of regulators, law enforcement and government agencies....more
In this episode of The Good Bot, Brett Mason sits down with Leigh Zeiser, director of AI and automation at Troutman Pepper Locke, to unpack how the firm operationalizes AI responsibly. They discuss the firm's AI portfolio —...more
A third-party data breach occurs when malicious actors compromise a vendor, supplier, contractor, or other organization to gain access to sensitive information or systems of the victim’s customers, clients, or business...more
Financial regulators including the Securities and Exchange Commission (“SEC”) continued to focus on data protection and cybersecurity issues throughout 2025....more
The Basel Committee on Banking Supervision (BCBS) has published its principles for the sound management of third‑party risk, replacing the 2005 Joint Forum outsourcing paper and establishing a common baseline for banks and...more
Each year, there is a holiday surge in cyberattacks employing a wide range of attack vectors. This heightened activity can make organizations more vulnerable to legal and regulatory scrutiny. This is a good time to check your...more
On October 21, 2025, the New York Department of Financial Services ("NYDFS") sent a letter to the executives and information security personnel at covered entities with new guidance for managing technology and data risks...more
Over the last several years, plaintiffs’ attorneys and other individuals have used antiquated wiretapping laws, including California’s 1967 wiretapping act, to allege that businesses with websites utilizing third parties and...more
Companies and law firms need to control the risks posed by AI. But when your company purchases an AI tool from a vendor, or supports partners like Legal Aid organizations who may have integrated AI tools into their client...more
The European Supervisory Authorities, referred to as ESAs (comprising the European Banking Authority, European Insurance and Occupational Pensions Authority and the European Securities and Markets Authority) have published...more
When cyberattacks strike global giants, it’s front-page news. But what about the smaller breaches -- the ones that don’t make headlines? Increasingly, they’re making waves in courtrooms and regulatory enforcement agencies. ...more
On October 21, 2025, the New York State Department of Financial Services (NYDFS) released comprehensive guidance for registrants regarding management of cybersecurity risks associated with third-party service providers...more
In a significant stride toward strengthening digital stability in Europe’s financial sector, the European Supervisory Authorities (EBA, EIOPA, and ESMA) have, today, published the list of critical ICT third‑party service...more
Organizations that rely on third-party vendors for critical operations face unique challenges in managing vendor risks. These external relationships are essential for operational success, but can also create vulnerabilities...more
On October 21, 2025, the New York State Department of Financial Services (NYDFS) issued an industry letter highlighting risks associated with third-party service providers – such as providers of cloud computing, file transfer...more
With Giving Tuesday quickly approaching on December 2, 2025, nonprofits are alarmed to discover that GoFundMe, an online for-profit fundraising platform, had created donation pages for approximately 1.4 million nonprofit...more
OAuth tokens streamline access but create new vulnerabilities that threat actors are exploiting. Learn how to secure token infrastructure through robust monitoring, governance, and vendor management....more
The New York Department of Financial Services (NYDFS) just sent a stark reminder to covered entities (which includes financial institutions, insurance companies, and any other businesses regulated by the NYDFS) that they are...more
Key challenges, concerns, and priorities impacting audit committee agendas. To gain a better understanding of the key challenges, concerns, and priorities impacting audit committee agendas, the KPMG Board Leadership Center...more
Leaders charged with safeguarding data privacy and cybersecurity often assume that size equates to security—that large, well-resourced organizations must have airtight defenses against cyberattacks and data breaches. It’s a...more
Last week it came to light that the victims of two of the UK’s most high-profile recent data breaches — the Co-operative Group and Jaguar Land Rover — did not have cyber insurance in place. As a result, the companies will...more