News & Analysis as of

Third-Party Cybersecurity

Integreon

DORA Compliance Part 1: Proactively Meeting DORA Supply Chain Resilience Obligations

Integreon on

Introduction to DORA and its Implications - As of Jan.17, 2025, the European Union’s Digital Operational Resilience Act (DORA) became enforceable. This new regulatory framework significantly impacts financial institutions and...more

Foley & Lardner LLP

Key Takeaways: 7th Annual “Let’s Talk Compliance” Conference

Foley & Lardner LLP on

Editor’s Note: PYA and Foley & Lardner hosted the 7th Annual “Let’s Talk Compliance” two-day virtual conference on January 23 and 24, 2025. Panelists included Foley attorneys and PYA subject matter experts. The event was...more

Vedder Price

FINRA Publishes 2025 Regulatory Oversight Report

Vedder Price on

On January 28, 2025, FINRA published its annual regulatory oversight report for 2025 (Report), which highlights observations and findings from FINRA’s oversight programs. The Report covers 24 topics, and for each topic it...more

Spilman Thomas & Battle, PLLC

Decoded - Technology Law Insights, V 6, Issue 2, February 2025

Welcome to our second issue of 2025 of Decoded - our technology law insights e-newsletter. For those of you with an interest in the Corporate Transparency Act, Brienne Marco and Joe Unger report that the recent injunction...more

Clark Hill PLC

The Growing Cybersecurity Risks in the Cannabis Industry

Clark Hill PLC on

Those familiar with the industry know that cannabis retailers find themselves in a unique position compared to other product retailers. Cannabis retailers face significant regulatory hurdles to their operation—particularly in...more

Mitratech Holdings, Inc

Red Flags In Your Vendor’s Business Continuity Plan

Ensure your vendors are crisis-ready by recognizing these key indicators of weak continuity planning. The interconnected nature of modern business means that your vendors’ operational resilience can, and frequently does,...more

Lowenstein Sandler LLP

Top AI Risks General Counsels Should Address

Lowenstein Sandler LLP on

Considering the rapid development and deployment of artificial intelligence (AI) in a wide array of applications and business sectors, it can be a daunting task for a company’s General Counsel (GC) to keep pace in identifying...more

Bracewell LLP

FINRA Facts and Trends: February 2025

Bracewell LLP on

Welcome to the latest issue of Bracewell’s FINRA Facts and Trends, a monthly newsletter devoted to condensing and digesting recent FINRA developments in the areas of enforcement, regulation and dispute resolution. We dedicate...more

Robinson+Cole Data Privacy + Security Insider

Privacy Tip #430 – GrubHub Confirms Security Incident Through Third Party Vendor

If you are a GrubHub customer, read carefully. The app has confirmed a security incident involving a third-party vendor that allowed an unauthorized threat actor to access user contact information, including some customer...more

Sheppard Mullin Richter & Hampton LLP

Looking Beyond FedRAMP – Lessons from the U.S. Treasury Cybersecurity Incident

In the ever-evolving world of cybersecurity, even organizations that meet stringent security standards can be victims of sophisticated cyberattacks. A notable example of this is the December 8, 2024 cybersecurity incident...more

Foley & Lardner LLP

President Biden Issues Second Cybersecurity Executive Order

Foley & Lardner LLP on

In light of recent cyberattacks targeting the federal government and United States supply chains, President Biden’s administration has released an Executive Order (the “Order”) in an attempt to modernize and enhance the...more

Wiley Rein LLP

Cyber Risks and Insurance 2025 Forecast

Wiley Rein LLP on

As we prepare to close the books on another eventful year in the cyber and privacy space, Wiley’s cyber insurance team is already making predictions for 2025. Q: So, let’s get right into it – based on your experience this...more

A&O Shearman

Hong Kong SFC issues circular on the use of generative AI language models

A&O Shearman on

The Hong Kong Securities and Futures Commission (SFC) has issued a circular that sets forth comprehensive guidelines and expectations for licensed corporations (LCs) regarding the responsible use of generative artificial...more

Skadden, Arps, Slate, Meagher & Flom LLP

What Companies Can Do To Protect Against Cyberattacks … and the Litigation That Often Follows

Cyber threats continue to grow as a result of increased digitization, widespread use of cloud computing, advanced connectivity and artificial intelligence (AI), requiring boards of directors across all sectors to focus more...more

KPMG Board Leadership Center (BLC)

Oversight of data-related risks

Oversight of data-related risks: From data governance to GenAI and cybersecurity While data governance has been a priority for companies for some time, the explosive growth in the use of generative artificial intelligence...more

Baker Botts L.L.P.

New York State Department of Financial Services Issues Guidance Concerning Cybersecurity Risks Posed by Artificial Intelligence

Baker Botts L.L.P. on

Last month, the New York State Department of Financial Services (“DFS”), which has broad regulatory powers over financial services-related entities and insurance companies operating in New York State, published guidance...more

Cozen O'Connor

Department of Defense Publishes Final Rule on Cybersecurity Maturity Model Certification

Cozen O'Connor on

On October 15, 2024, the Department of Defense (DoD) published the long-anticipated first part of its final rule (the Final Rule) for the Cybersecurity Maturity Model Certification (CMMC) program. After the implementation of...more

Barnea Jaffa Lande & Co.

Understanding DORA: An Overview of the Digital Operational Resilience Act

The Digital Operational Resilience Act (DORA) is an EU regulatory framework, aimed at enhancing the financial sector’s ability to withstand and recover from ICT (information and communication technology) disruptions....more

Wiley Rein LLP

Litigation Grows Around Website Technologies, With Focus on Sensitive Data

Wiley Rein LLP on

Data privacy-related lawsuits have skyrocketed in recent years. Federal courts saw over 900 data privacy dockets in 2020 – but witnessed a surge to 1,767 dockets in 2023. At the halfway point in 2024, federal court data...more

BakerHostetler

FTC Continues Focus on Disclosure of Health Information to Third-Party Technologies

BakerHostetler on

A recently announced settlement with online alcohol addiction treatment service Monument Inc. demonstrates the Federal Trade Commission’s (FTC) continued focus on the use and disclosure of health data. The proposed settlement...more

NAVEX

Compliance & Cybersecurity – Working and Worrying Together About the Intersection of People and Technology

NAVEX on

I’m not a cyber expert, but as a compliance professional with accountability for internal investigations of employee and third-party misconduct I’ve had a front row seat to the evolution of risk that has mirrored the mass...more

Society of Corporate Compliance and Ethics...

Corporate Use of Third-Party Artificial Intelligence (AI) Tools

At the 2024 SCCE European Compliance & Ethics Institute, Segev Shani, Chief Compliance & Regulatory Officer at Neopharm Group will be leading the session “Corporate Use of Third-Party Artificial Intelligence (AI) Tools.” In...more

Constangy, Brooks, Smith & Prophete, LLP

Take these steps to safeguard against third-party cyber threats

The ever-increasing privacy and security risks via third-party vendors and service providers were apparent in 2023 with news of large organizations such as MOVEit, Okta and AT&T being affected. Research has shown that 98...more

Miller Nash LLP

Data Privacy Week Series: Check Your Third-Party Agreements Against Internal Policies

Miller Nash LLP on

In honor of Data Privacy Week, each day this week Miller Nash is releasing one of our top five recommendations for where businesses should focus their privacy compliance efforts in 2024. If you need assistance reviewing your...more

Lerman Senter PLLC

FTC Proposes Updates to COPPA Rule

Lerman Senter PLLC on

The FTC is proposing significant changes to the Children’s Online Privacy Protection Act (COPPA) rule to place new restrictions on the use and disclosure of children’s personal information. The COPPA Rule requires websites...more

99 Results
 / 
View per page
Page: of 4

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide