News & Analysis as of

Compliance Cybersecurity Data Security

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. ... more +
Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations.  In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -
Rumberger | Kirk

Why Your Organization Needs to Craft a Comprehensive GenAI Policy Now

Rumberger | Kirk on

The rapid advancement of generative artificial intelligence technologies has revolutionized various industries by automating complex tasks, creating content, and enhancing decision-making processes. However, it also poses...more

Morris, Manning & Martin, LLP

Legal Issues Around AI Are Real. And Complex.

Last week I had the pleasure of sitting down and discussing the legal implications of AI with a group of General Counsels. This group of GCs represented companies from the Fortune 100 all the way to mid-size enterprises. That...more

Ward and Smith, P.A.

Three Cybersecurity Mistakes Small Businesses Make: A Data Privacy Attorney's Perspective

Ward and Smith, P.A. on

In today's digital landscape, where data and technology are integral to business, companies of all sizes are prime targets for cyberattacks. As privacy and data security attorneys, we see the severe impact of inadequate...more

BakerHostetler

(Cyber)Security Theater 101 - Georgia Tech, a Teachable Moment

BakerHostetler on

On August 22, 2024, the United States intervened in a whistleblower suit against the Georgia Institute of Technology, initially filed by current and former members of Georgia Tech’s cybersecurity team, alleging that Georgia...more

Benesch

Staying Ahead of the Curve: Adapting to Evolving Cyber Regulatory Enforcement

Benesch on

As calls for executive accountability for cybersecurity intensify, it is essential for companies to scrutinize the adequacy of ephemeral messengers, such as Signal, WhatsApp, WeChat, and Snapchat, in light of both present and...more

Womble Bond Dickinson

Upcoming Deadline for PCI DSS 4.0.1 Implementation

Womble Bond Dickinson on

A critical deadline of March 31, 2025 is upcoming for the full implementation of the new requirements contained in the Payment Card Industry Data Security Standard (PCI DSS) version 4.0....more

Society of Corporate Compliance and Ethics...

[Virtual Event] Compliance & Ethics Essentials Workshop - December 2nd - 5th, 8:00 am - 5:00 pm CT

Learn the key principles of compliance - no travel required! If you’re new to or have minimal experience in compliance management don’t miss this opportunity to build the foundational knowledge you need! SCCE’s four-day...more

Skadden, Arps, Slate, Meagher & Flom LLP

DOJ Enters First Intervention in Cybersecurity Qui Tam

The U.S. government’s recent complaint in a relator-filed case under the False Claims Act (FCA): - Marks the first FCA suit in which the Department of Justice (DOJ) has intervened since launching its ongoing Civil...more

Dorsey & Whitney LLP

DOJ on Campus: DOJ’s First Intervention in False Claims Act Case Alleging University Knowingly Failed to Meet Contractual...

Dorsey & Whitney LLP on

Cybersecurity requirements for federal contractors and grantees continue to proliferate—and those requirements do not just come with contractual risk. Increasingly, the United States government is leveraging enforcement...more

Osano

The Privacy Insider Podcast Episode 4: Don't Be Evil: In the Hot Seat of Data Privacy, Part 1

Osano on

In this episode of The Privacy Insider Podcast, Keith Enright, the outgoing Chief Privacy Officer at Google, joins host Arlo Gilbert to share what it’s like to be at the privacy helm of one of the world’s most influential–and...more

Mayer Brown

New EU Cyber Rules: Implementation of NIS2 in the EU Member States

Mayer Brown on

The Network and Information Security 2 Directive (EU) 2022/2555 ("NIS2") entered into force on 16 January 2023. NIS2 sets cyber rules for organizations whose services are considered essential or important for maintaining...more

Osano

Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane

Osano on

Maintaining compliance is your job. But sometimes that job feels like a slog through the deepest jungle. More than 130 countries have some form of data privacy and protection law on the books. At the same time, 63% of...more

BCLP

Hong Kong Unveils Proposals for First Cybersecurity Law

BCLP on

The Hong Kong Government recently submitted its proposed legislative framework to enhance protection of computer systems of critical infrastructure (“Proposal”) to the Legislative Council (“LegCo”) Panel on Security for...more

Venable LLP

Offensive Security Under the EU Digital Operational Resilience Act (DORA)

Venable LLP on

The Digital Operational Resilience Act (DORA) regulation is part of the European Union’s (EU) strategy to enhance the overall stability of the EU financial system by ensuring that financial entities are resilient to digital...more

Womble Bond Dickinson

Cybersecurity Crunch: Building Strong Data Security Programs with Limited Resources - Insights from Tech and Financial Services...

Womble Bond Dickinson on

In today’s digital age, cybersecurity has become a paramount concern for executives navigating the complexities of their corporate ecosystems. With resources often limited and the ever-present threat of cyberattacks,...more

HaystackID

New Cyber Regulations Define Battle Lines in Corporate and Infrastructure Security

HaystackID on

Amidst an ever-evolving cyber threat landscape, a recent slew of regulatory updates and cybersecurity standards are defining a new battlefront for securing critical infrastructure and corporate data across varying sectors....more

PilieroMazza PLLC

Coming Soon! CISA’s Proposed Rule on Government-wide Cybersecurity Reporting Requirements for Contractors

PilieroMazza PLLC on

The Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) was enacted in 2022 with the primary purpose of preserving national security, economic security, and public health and safety. CIRCIA provides the Director...more

Esquire Deposition Solutions, LLC

Actionable Advice When Sharing Client Data with Vendors

We’ve previously written on the need for law firms to scrutinize the data security protections in place at all third-party vendors who have access to client confidential information. Clearly, that’s still good advice....more

White & Case LLP

AI Watch: Global regulatory tracker - China

White & Case LLP on

The Interim AI Measures is China's first specific, administrative regulation on the management of generative AI services. Laws/Regulations directly regulating AI (the “AI Regulations”) The Cyberspace Administration of China,...more

The Volkov Law Group

Dancing on the Head of a Pin: Corporate Boards, Committees and Cybersecurity Risk Management

The Volkov Law Group on

No one was surprised when compliance and risk publications cited cybersecurity as the number one risk that corporations face today.  While this is a relatively simplistic and head-line grabbing statement, the truth remains...more

Epiq

Healthcare Organizations Can Meet New HHS Cybersecurity Goals with the Help of Tabletop Exercises

Epiq on

In today’s digital age, securing sensitive healthcare data is paramount. With the rise in cyber threats targeting healthcare organizations, the Department of Health and Human Services (HHS) has taken proactive steps to...more

Wolf, Greenfield & Sacks, P.C.

USPTO Guidance on Use of AI-Based Tools in Practice: How to Mitigate Risk

Use of AI-based tools are permitted, but parties should use caution to ensure compliance with all duties and obligations - Recognizing that AI tools are already being used by parties practicing before the USPTO, this week the...more

Bass, Berry & Sims PLC

The United States Intervenes in its First False Claims Act Cybersecurity Case

Bass, Berry & Sims PLC on

The United States notified the U.S. District Court for the Northern District of Georgia that it plans to intervene in a False Claims Act case filed against Georgia Tech Research Corporation (Georgia Tech) by its Associate...more

Pillsbury - Internet & Social Media Law Blog

The EU and UK Introduce New IoT Security Standards

The FCC’s recent introduction of a new Voluntary Cybersecurity Labelling Program for consumer Internet of Things (IoT) products reflects the continued desire by U.S. regulators to bolster the security of the ever-increasing...more

NAVEX

Compliance & Cybersecurity – Working and Worrying Together About the Intersection of People and Technology

NAVEX on

I’m not a cyber expert, but as a compliance professional with accountability for internal investigations of employee and third-party misconduct I’ve had a front row seat to the evolution of risk that has mirrored the mass...more

231 Results
 / 
View per page
Page: of 10

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide