Why Privacy is Your Secret Weapon Against Third-Party Risk
Due Diligence in AI: 3 things you need to survive AI scrutiny
Enhancing Compliance: The Power of Independent Monitorships in Consumer Protection — Regulatory Oversight Podcast
Investigations and Cognitive Interviews
Consumer Finance Monitor Podcast Episode: Regulators Escalate Focus on the Risks of Bank Relationships with Fintechs and Other Third Parties
Fraud Prevention Techniques for Nonprofit Organizations - Part 3
AGG Talks: Women in Tech Law Podcast - Episode 4: Preparing for a Transaction? What Emerging Growth Companies Need to Know
Meeting the Needs of General Counsel: Beyond the Basics of Legal Advice - On Record PR
Steps Your Nonprofit Can Take to Mitigate Fraud Risks - Part 2
A Third Party's Perspective on Third Party Risk
Why Time Matters: Partners Lindsay Gerdes and Michael J. Bronson on Swift Action in Government Investigations
Consumer Finance Monitor Podcast Episode: Why do Fintechs Want to Become Banks?
Privacy Issues from Third-Party Website Tags
What's the Tea in L&E? Employee Devices: What is #NSFW?
Episode 331- NAVEX State of Risk and Compliance Programs
What the Board Should Be Asking About the Compliance Program
Video: Artificial Intelligence Use in Political Campaigns
Episode 329 -- Bryn Sedlacek from Aravo on TPRM Holistic Risks and Unified Visibility
Compliance Lessons from Dating in Your 50s
The Justice Insiders Podcast - AI-Washing: Everything Old Is New Again
It’s obvious that strong cybersecurity governance should help to reduce a company’s risk of succumbing to a cybersecurity incident or being significantly impacted should one materialize. One major challenge: determining what...more
Virtually all organizations have an obligation to safeguard their personal data against unauthorized access or use, and, in some instances, to notify affected individuals in the event such access or use occurs. Those...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
Threat actors are evolving. Our Privacy, Cyber & Data Strategy Team explains how ransomware gangs have changed their tactics and how companies can respond to the threat while navigating new scrutiny from investors and...more
In recognition of International Privacy Day on January 28, we wanted to share some insights on the top privacy and cybersecurity issues for the new year. Data privacy and cybersecurity will continue to be one of the most...more
Partner and co-head of Skadden’s Cybersecurity and Data Privacy practice David Simon recently sat down with two chief information security officers (CISOs) from the private equity sector as part of the firm’s National Cyber...more
The date July 26, 2023, marks the latest evolution of the cybersecurity regulation landscape as the Securities and Exchange Commission passed cybersecurity regulations for publicly traded companies. At the open meeting, SEC...more
Honestly, I have been avoiding this topic since it presents a real morass of risks and potential traps for the unwary company and Chief Compliance and Chief Legal Officers....more
A flurry of legislative activity over the past year has brought meaningful changes to a variety of privacy and security provisions in state and federal law. At the state level, as in 2022, we have seen a handful of changes to...more
The Securities and Exchange Commission (“SEC”) adopted the final rules (the “Final Rules”) on July 26, 2023 that will require disclosure of material cybersecurity incidents, cybersecurity risk management, strategy, and...more
On July 26, the Securities and Exchange Commission (“SEC”) finalized a much anticipated rule addressing cybersecurity risk management, strategy, governance, and incident disclosure. Public companies registered with the SEC...more
On July 26, 2023, the Securities and Exchange Commission (the “SEC”) adopted new rules requiring public companies to disclose within four business days material cybersecurity incidents they experience and to disclose annually...more
The SEC has recently voted on new rules that will require companies to disclose material cybersecurity incidents within four days and to make disclosures about their broad cybersecurity risks in their annual report. Tom Fox...more
At an Open Meeting on July 26, 2023, the US Securities and Exchange Commission (SEC) adopted final rules and amendments that impose new cybersecurity-related disclosure requirements for public companies subject to the...more
In yet another indication of the increasing weight being given by government officials to cybersecurity, on July 26, 2023, the Securities and Exchange Commission adopted new rules requiring public companies to disclose...more
In a 3-2 vote, the Securities and Exchange Commission (SEC) adopted new cybersecurity rules yesterday (July 26, 2023) applicable to public companies. The rules, which will become effective thirty days after publication in...more
Come December 2023, public companies will have a very narrow window to report cybersecurity incidents that materially affect their companies. Companies will also have to report annually how they assess and manage...more
A recent significant enforcement action brought by the U.S. Securities and Exchange Commission against Blackbaud Inc. highlights the importance of public companies maintaining disclosure controls and procedures relating to...more
The year 2022 saw a groundswell of interest in privacy rights and related legislation. Five states enacted new laws or regulations aimed at protecting a general right to privacy, while the U.S. government came closer than...more
Government agencies at the state and federal levels are increasingly training their sights on the cybersecurity resiliency of companies in an array of industries. The US Securities and Exchange Commission has proposed rules...more
This week, in addition to the news-catching, ongoing dispute between Twitter and Elon Musk, Twitter’s former head of cybersecurity, Peiter Zatko, claimed in a whistleblower filing with several federal agencies that Twitter...more
The U.S. government has steadily increased its warnings about malicious cyber activity by Russia and other sophisticated persistent adversaries. Following several warnings from the Federal Bureau of Investigation (FBI) and...more
The SEC has issued proposed rules on disclosure of cybersecurity incidents. Specifically, the SEC is proposing to: Amend Form 8-K to add Item 1.05 to require registrants to disclose information about a cybersecurity...more
As companies collect growing amounts of data about their customers and other consumers, sophisticated adversaries, recognizing the value of this information, have increased their efforts to pilfer it. For publicly traded...more
The coronavirus crisis is far from over, and compliance professionals still need every scrap of guidance that regulators can provide about how to run compliance programs in these difficult times. So when the Securities and...more