News & Analysis as of

Risk Management Information Technology

Morgan Lewis

Data Center Operations: Aligning Supply Chain, Compliance, and Customer Expectations

Morgan Lewis on

The demand for data centers is continuing to accelerate, fueled largely by generative artificial intelligence (Gen AI), broader digital transformation, and organizations migrating to cloud infrastructure. Gen AI adoption...more

Integreon

DORA Compliance Part 2: Addressing Compliance Across Critical Operational Areas

Integreon on

Introduction to DORA and its Implications - As of Jan.17, 2025, the European Union’s Digital Operational Resilience Act (DORA) became enforceable. This new regulatory framework significantly impacts financial institutions and...more

Accelerynt, Inc.

How Over-engineered Security Stacks Are Killing Agility—And What to Do About It

Accelerynt, Inc. on

Tool sprawl is paralyzing enterprise security teams. Learn how to shift from fragile, over-engineered stacks to agile security architectures that accelerate progress....more

Wiley Rein LLP

FedRAMP Announces New Approach to Assessing Security of Cloud Services Providers, Leveraging Commercial Practices and Tools

Wiley Rein LLP on

WHAT: FedRAMP has announced that it will be working on a new framework for authorization and assessment of cloud services for federal consumption, calling the initiative “FedRAMP 20X” (announcement here). In response to...more

Mitratech Holdings, Inc

5 Common Pitfalls in IT Disaster Recovery (and How to Avoid Them)

Even the strongest IT/DR plans can fail if they aren’t proactive about avoiding these common mistakes. When systems go down, business grinds to a halt. Downtime leads to $9,000 in losses per minute on average, damaged...more

Wiley Rein LLP

DOD Mandates Use of Software Acquisition Pathway for Software Development Procurements

Wiley Rein LLP on

WHAT: Department of Defense (DOD) Secretary Pete Hegseth issued a memorandum titled “Directing Modern Software Acquisition to Maximize Lethality” that is intended to reform DOD’s procurement involving software development....more

Robinson+Cole Data Privacy + Security Insider

AI Governance: The Problem of Shadow AI

If you hang out with CISOs like I do, shadow IT has always been a difficult problem. Shadow IT refers to refers to “information technology (IT) systems deployed by departments other than the central IT department, to bypass...more

Mitratech Holdings, Inc

IT/DR Plan Spring Cleaning: How to Replace Outdated Policies

Ready to ditch outdated guidelines and adopt a fresh take on your IT Disaster Recovery plans? Spring is the season of renewal, making it the perfect time to refresh not only physical spaces but also strategies and...more

Purpose Legal

Proactive Steps for Protecting your Intellectual Property (IP) and Trade Secrets

Purpose Legal on

We live in an era in which information is a valuable commodity. Access to data, ideas, and trade secrets is in high demand, particularly for individuals or companies seeking to profit from this information. One way they gain...more

Pagefreezer

The Major Microsoft Teams Challenge Stumping Legal & Compliance Teams

Pagefreezer on

Since 2019, the number of users on Microsoft Teams has risen 1500%, from a modest 20 million users in the pre-pandemic year (2019) to over 320 million users in 2024. Microsoft's collaboration platform is now the default...more

StoneTurn

2025 Incident Response Landscape: Practical Tips for Cybersecurity Readiness

StoneTurn on

Organizations seeking to improve their cybersecurity posture in 2025 must assess what happens after an incident has occurred, and how an incident response team will be able to mobilize to respond. This article provides...more

A&O Shearman

ESAs roadmap for designation of critical ICT third-party service providers under DORA

A&O Shearman on

The European Supervisory Authorities (ESAs) have published a roadmap for the designation of critical ICT third-party service providers (CTPPs) under the EU Digital Operational Resilience Act (DORA). The roadmap of key dates...more

Ius Laboris

Watching Sports at Work: How Employers Can Avoid an Own Goal

Ius Laboris on

2025, like most years, will be dominated by prominent sporting events. But with many of these sporting events likely to take place during working hours, and some employees hoping to watch-along live, we explore the lessons...more

Bennett Jones LLP

New Information Technology Security Requirements for Critical Infrastructure Facilities in Alberta

Bennett Jones LLP on

On May 31, 2025, the Alberta Security Management for Critical Infrastructure Regulation (the Regulation) will come into force and is expected to alter existing security requirements for critical resource infrastructure in...more

Mayer Brown Free Writings + Perspectives

FINRA Publishes 2025 Annual Regulatory Oversight Report

The Financial Industry Regulatory Authority, Inc. (“FINRA”) published its 2025 FINRA Annual Regulatory Oversight Report (the “Report”), which builds on the structure and content of FINRA’s prior reports for 2021-2024. This...more

A&O Shearman

European Central Bank updates TIBER-EU framework to align with DORA RTS on TLPT

A&O Shearman on

The European Central Bank (ECB) has published an updated version of the threat intelligence-based ethical red teaming framework (TIBER-EU framework) (dated January) to align with the Digital Operational Resilience Act (DORA)...more

A&O Shearman

European Banking Authority publishes amending guidelines on ICT and security risk management in the context of DORA

A&O Shearman on

The European Banking Authority (EBA) has published a final report with amending guidelines in respect of Guidelines EBA/GL/2019/04 on ICT and security risk management. The EBA reviewed the Guidelines in light of the Digital...more

Ankura

Optimizing Organizational Efficiency Through Tool Rationalization

Ankura on

In an era where technology drives business success, organizations often find themselves managing an overwhelming number of tools and applications — whether purchased officially through procurement or individually at a...more

Jackson Lewis P.C.

The Importance of Being Erroneous: Are AI Mistakes a Feature, Not a Bug?

Jackson Lewis P.C. on

No one intentionally sets out to make a mistake. Yet, it has long been recognized by some of our greatest innovators from Thomas Edison to Albert Einstein to Henry Ford that making mistakes (and learning from them) is the key...more

StoneTurn

Do You Know Who Your Employee Is? Mitigating DPRK IT Worker Risk

StoneTurn on

North Korean IT operatives are infiltrating U.S. and Western companies using stolen or fabricated identities, VPNs, and U.S.-based co-conspirators to gain unauthorized access to corporate systems. These insider threats pose...more

Mitratech Holdings, Inc

IT Incident Management Simplified: 5 Strategies for Effective Recovery

Feel confident tackling any threat with a unified incident management approach that integrates roles, communication, and recovery tasks. Small and medium-sized organizations without a disaster recovery plan are 40% more...more

Troutman Pepper Locke

Streamlining eDiscovery: The Case for Supervised Collections and Custodial Interviews

Troutman Pepper Locke on

Despite the many technological advances in the collection, processing, and review of electronically stored information, it remains vital to conduct custodial interviews focused on data identification to confer a litigation...more

A&O Shearman

European Commission rejects draft technical standards on sub-contracting ICT services under Digital Operational Resilience Act

A&O Shearman on

The European Commission has published a letter (dated 21 January 2025) addressed to the Joint Committee of the European Supervisory Authorities (ESAs) rejecting certain draft regulatory technical standards (RTS) the ESAs...more

Mitratech Holdings, Inc

BCP & IT/DR: Why Your Business Continuity Strategy Needs Both

Balancing Business Continuity and IT Disaster Recovery is crucial for robust organizational resilience. So, how does your organization integrate both strategies for maximum impact?...more

Esquire Deposition Solutions, LLC

New Jersey Weighs New Duty of Technology Competence

New Jersey appears poised to become the next state to explicitly add a duty of technology competence to its professional code of ethics. Proposed revisions to the New Jersey Rules of Professional Conduct would, if adopted,...more

506 Results
 / 
View per page
Page: of 21

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide