Consumer Finance Monitor Podcast Episode: Regulating Bank Reputation Risk
Episode 354 -- The New Era of Compliance: Generative AI, Data and Innovation
How ERISA Litigators Strengthen Plan Compliance and Risk Management: One-on-One with Jeb Gerth
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
Hospice Insights Podcast - Upping the Ante: Will CMS’s Enhanced Oversight Efforts Cause Hospices to Fold?
Podcast — UK FinReg Focus Areas in 2025: Sectoral Trends
OG Talks: Good Energy and Navigating Transactions
Launching a Product Too Soon? Lessons From Recent CFPB Orders — The Consumer Finance Podcast
Constangy Clips Ep. 7- 4 New Year’s Resolutions to Keep Your Cyber Data Safe and Secure in 2025
AI Talk With Juliana Neelbauer - Episode Three - Cybersecurity Insurance: Coverage Challenges and Changes
Why the Increase in Demeaning Women Online Matters for Your Workplace: What's the Tea in L&E?
Daily Compliance News: January 6, 2025 – The Lady MacBeth in 2025 Edition
Regulatory vs. Business Compliance
Fintech Focus Podcast | Navigating IT and Security Risks in Fintechs in Light of Impending DORA Deadline
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
Episode 347 -- LRN's Code of Conduct Survey
Workplace Investigation Protocols: One-on-One with Greg Keating
The Election's Impact on the FTC Will Bring Big Changes, But Being Vigilant Must Remain a Priority
Harnessing Generative AI: Innovations and Best Practices — The Good Bot Podcast
Innovation in Compliance: Navigating Risk Management in the Automotive Industry with Tom Kline
In an era where technology drives business success, organizations often find themselves managing an overwhelming number of tools and applications — whether purchased officially through procurement or individually at a...more
No one intentionally sets out to make a mistake. Yet, it has long been recognized by some of our greatest innovators from Thomas Edison to Albert Einstein to Henry Ford that making mistakes (and learning from them) is the key...more
North Korean IT operatives are infiltrating U.S. and Western companies using stolen or fabricated identities, VPNs, and U.S.-based co-conspirators to gain unauthorized access to corporate systems. These insider threats pose...more
Feel confident tackling any threat with a unified incident management approach that integrates roles, communication, and recovery tasks. Small and medium-sized organizations without a disaster recovery plan are 40% more...more
Despite the many technological advances in the collection, processing, and review of electronically stored information, it remains vital to conduct custodial interviews focused on data identification to confer a litigation...more
The European Commission has published a letter (dated 21 January 2025) addressed to the Joint Committee of the European Supervisory Authorities (ESAs) rejecting certain draft regulatory technical standards (RTS) the ESAs...more
Balancing Business Continuity and IT Disaster Recovery is crucial for robust organizational resilience. So, how does your organization integrate both strategies for maximum impact?...more
New Jersey appears poised to become the next state to explicitly add a duty of technology competence to its professional code of ethics. Proposed revisions to the New Jersey Rules of Professional Conduct would, if adopted,...more
On January 8, 2025, the Department of Justice (“DOJ”) published its final rule addressing Executive Order (E.O.) 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data...more
Companies should not minimize the extent of a material cybersecurity incident by omitting material facts regarding the scope and potential impact of the incident. Cybersecurity risk factor disclosures should be tailored to a...more
WHAT: The FAR Council published a proposed rule to incorporate the Controlled Unclassified Information (CUI) Program into the acquisition process and, in doing so, seeks to more clearly define government and contractor roles...more
Artificial intelligence (AI) is everywhere these days, including your workplace. While there is no one-size-fits-all AI policy that will work for every company, here are our general thoughts about how employers can...more
The European Supervisory Authorities have published a joint report on the feasibility of further centralization of the reporting of major ICT-related incidents by financial entities to competent authorities. The ESAs' joint...more
Beginning 17 January 2025, the Digital Operational Resilience Act (DORA) will apply to almost all EU financial entities, including banks, insurers and reinsurers, brokers , payment and electronic money institutions,...more
The recent indictment of 14 North Korean nationals for fraudulently obtaining remote IT jobs with U.S.-based companies underscores the importance of vigilant hiring practices. Our Privacy, Cyber & Data Strategy and...more
The Cybersecurity and Infrastructure Security Agency (CISA) unveiled new cyber performance goals aimed at addressing risks to software development and product design in the IT sector. Last week, the Cybersecurity and...more
Looking for something more advanced than your average export controls conference? Go beyond the basics at ACI’s 2nd Annual Advanced Forum on Global Export Controls. This premier event offers cutting-edge insights and...more
Digital Operational Resilience Act (DORA) aims to harmonize provisions related to cybersecurity and information and communication technology (ICT) risk management in the financial sector. Its scope covers nearly all entities...more
The EU Cyber Resilience Act (CRA) entered into force on 10 December 2024. The CRA is the first legislation of its kind in the world that aims to enhance the cyber security of products or software with a digital component...more
Background - The Digital Operational Resilience Act (DORA), a European Union (EU) regulation that is set to transform how financial entities and their information technology (IT) service providers manage operational risks,...more
A massive data breach hit one of the country’s largest education software providers. According to EducationWeek, PowerSchool provides school software products to more than 16,000 customers, largely K-12 schools, that serve 50...more
Remote worker fraud is expected to continue to proliferate in 2025. Fully remote hiring and work, particularly in the technology sector, continues to pose unique business and legal risks for companies. Just in December 2024,...more
In today's digital landscape, robust password management is critical to information security. With the increasing complexity of cyber threats, ensuring secure access to sensitive information has become more critical than...more
The Department of Commerce (Commerce) Office of Information and Communications Technology and Services (OICTS) has broad authority—born out of executive action during the first Trump administration—to identify and mitigate...more
On January 6, 2025 the U.S. Department of Health and Human Services published a Proposed Rule (90 FR 898) to strengthen the HIPAA Security Rule and afford greater cybersecurity protections for electronic protected health...more