News & Analysis as of

Third-Party Data Protection Risk Management

Vedder Price

FINRA Publishes 2025 Regulatory Oversight Report

Vedder Price on

On January 28, 2025, FINRA published its annual regulatory oversight report for 2025 (Report), which highlights observations and findings from FINRA’s oversight programs. The Report covers 24 topics, and for each topic it...more

Clark Hill PLC

The Growing Cybersecurity Risks in the Cannabis Industry

Clark Hill PLC on

Those familiar with the industry know that cannabis retailers find themselves in a unique position compared to other product retailers. Cannabis retailers face significant regulatory hurdles to their operation—particularly in...more

Lowenstein Sandler LLP

Top AI Risks General Counsels Should Address

Lowenstein Sandler LLP on

Considering the rapid development and deployment of artificial intelligence (AI) in a wide array of applications and business sectors, it can be a daunting task for a company’s General Counsel (GC) to keep pace in identifying...more

Robinson+Cole Data Privacy + Security Insider

Privacy Tip #430 – GrubHub Confirms Security Incident Through Third Party Vendor

If you are a GrubHub customer, read carefully. The app has confirmed a security incident involving a third-party vendor that allowed an unauthorized threat actor to access user contact information, including some customer...more

Sheppard Mullin Richter & Hampton LLP

Looking Beyond FedRAMP – Lessons from the U.S. Treasury Cybersecurity Incident

In the ever-evolving world of cybersecurity, even organizations that meet stringent security standards can be victims of sophisticated cyberattacks. A notable example of this is the December 8, 2024 cybersecurity incident...more

K&L Gates LLP

Managing Artificial Intelligence: The Monetary Authority of Singapore's Recommendations on AI Model Risk Management

K&L Gates LLP on

Introduction and Background - On 5 December 2024, as part of the Monetary Authority of Singapore’s (MAS) incremental efforts to ensure responsible use of artificial intelligence (AI) in Singapore’s financial sector, MAS...more

Conn Kavanaugh

Three Things You Should Know About Service Level Agreements in SaaS/Cloud Contracts

Conn Kavanaugh on

When a customer purchases software-as-a-service (SaaS)–which is sometimes called a “cloud” service or product–the software is not hosted. It does not reside at the customer’s location or data center. Rather the software is...more

Foley & Lardner LLP

President Biden Issues Second Cybersecurity Executive Order

Foley & Lardner LLP on

In light of recent cyberattacks targeting the federal government and United States supply chains, President Biden’s administration has released an Executive Order (the “Order”) in an attempt to modernize and enhance the...more

A&O Shearman

Hong Kong SFC issues circular on the use of generative AI language models

A&O Shearman on

The Hong Kong Securities and Futures Commission (SFC) has issued a circular that sets forth comprehensive guidelines and expectations for licensed corporations (LCs) regarding the responsible use of generative artificial...more

Constangy, Brooks, Smith & Prophete, LLP

Take these steps to safeguard against third-party cyber threats

The ever-increasing privacy and security risks via third-party vendors and service providers were apparent in 2023 with news of large organizations such as MOVEit, Okta and AT&T being affected. Research has shown that 98...more

Skadden, Arps, Slate, Meagher & Flom LLP

AI Insights: NAIC Releases Draft Model Bulletin Regarding Use of AI by Insurers

In July, the Innovation, Cybersecurity and Technology Committee of the National Association of Insurance Commissioners (NAIC) released an exposure draft of its model bulletin titled “Use of Algorithms, Predictive Models, and...more

Mitratech Holdings, Inc

ESG Risk Management & TPRM: A Best Practice Approach?

Mitratech Holdings, Inc on

There are few initiatives currently afoot in banking that do not feature Environmental, Social, and Governance (ESG) credentials, either to engage investors and customers or deliver the ESG risk management capabilities that...more

Jackson Lewis P.C.

Data Protection And The Role Of Vendor Management

Jackson Lewis P.C. on

The SolarWinds hack highlights the critical need for organizations of all sizes to include cyber supply chain risk management as part of their information security program. It is also a reminder that privacy and security...more

BakerHostetler

Steps to Develop a Mature Third-Party Risk Management Program With High-Risk Third Parties (Part 3)

BakerHostetler on

This blog is the third in a series exploring how organizations can prevent or mitigate the severity of a third-party data breach or cyber exploit by implementing a variety of cybersecurity risk management controls, such as...more

Mintz - Privacy & Cybersecurity Viewpoints

OCR Warns of HIPAA Risks in Third-Party Apps

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently issued a warning regarding vulnerabilities in third-party applications used by entities covered by HIPAA. The OCR warning applies...more

Broker-Dealer Compliance + Regulation

Cybersecurity, Round 2: OCIE Announces Areas of Focus for Cybersecurity Examinations

On September 15, 2015, OCIE issued a risk alert relating to its new cybersecurity examination initiative. This is the second round of these examinations, and the alert provides a detailed look at OCIE’s current areas of...more

Morgan Lewis

SEC and DOJ Hacking Prosecutions Highlight SEC’s Increased Interest in Cybersecurity Risks

Morgan Lewis on

Companies are reminded of the need for strong internal controls. The US Securities and Exchange Commission (SEC) and the Department of Justice (DOJ) recently filed civil and criminal actions in the largest hacking and...more

17 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide