Steps Your Nonprofit Can Take to Mitigate Fraud Risks - Part 2
A Third Party's Perspective on Third Party Risk
Why Time Matters: Partners Lindsay Gerdes and Michael J. Bronson on Swift Action in Government Investigations
Consumer Finance Monitor Podcast Episode: Why do Fintechs Want to Become Banks?
Privacy Issues from Third-Party Website Tags
What's the Tea in L&E? Employee Devices: What is #NSFW?
Episode 331- NAVEX State of Risk and Compliance Programs
What the Board Should Be Asking About the Compliance Program
Video: Artificial Intelligence Use in Political Campaigns
Episode 329 -- Bryn Sedlacek from Aravo on TPRM Holistic Risks and Unified Visibility
Compliance Lessons from Dating in Your 50s
The Justice Insiders Podcast - AI-Washing: Everything Old Is New Again
The AI Shakeup: New Tech Innovations and the Future of Corporate Law
Principled Podcast: S11E7 | Fortifying Ethical Frameworks: Navigating Emerging Risks in the Middle East
Managing Compliance Risk for Human Trafficking and Modern Slavery
Common Scenarios Triggering False Claims Act Violations, Part 3: Claims and Investigations
Navigating Bank-Fintech Partnerships: Avoiding Common Pitfalls — The Consumer Finance Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
Revisiting Financial Institution Incentive Compensation Rules Under Dodd-Frank — The Consumer Finance Podcast
Episode 325 -- AI and Emerging Compliance Frameworks
Kennedys and Booz Allen Hamilton are delighted to invite you to our 3 hour webinar on Thursday, June 27, 2024. This half-day seminar features three presentations: Clear and present danger, In the war room, and The fallout....more
The consequences of a cyberattack can be catastrophic, as we saw in the previous blog of this series. Cybersecurity is a business-wide responsibility that demands a proactive strategy extending far beyond technical solutions...more
The Cybersecurity and Infrastructure Agency (CISA) is seeking comment on a proposed rule to implement reporting requirements for critical infrastructure entities, including health care entities, on cyberattacks and ransomware...more
It is no secret that protected health information (or “PHI”) is more and more at risk for cybersecurity attacks. In 2022 (the most recent year this statistic is available), the Department for Health and Human Services Office...more
Threat actors are evolving. Our Privacy, Cyber & Data Strategy Team explains how ransomware gangs have changed their tactics and how companies can respond to the threat while navigating new scrutiny from investors and...more
On January 24, 2024, the U.K.’s National Cyber Security Centre (NCSC) released a new report, The near-term impact of AI on the cyber threat, detailing how Artificial Intelligence (AI) will impact the effectiveness of cyber...more
In recognition of International Privacy Day on January 28, we wanted to share some insights on the top privacy and cybersecurity issues for the new year. Data privacy and cybersecurity will continue to be one of the most...more
New York has released proposed cybersecurity regulations for hospitals. The regulations, which were published in The State Register on Dec. 6 and will undergo a 60-day public comment period ending on Feb. 5, are designed to...more
Publications and Advisories - November 13, 2023 – Kathleen Benway, Kate Hanniford, Amy Mushahwar, Kim Peretti, and Lance Taubin published “Privacy, Cyber & Data Strategy Advisory: FTC Approved New Data Breach Notification...more
In late September, two subcommittees of the U.S. House of Representatives held a joint hearing on responding to ransomware attacks. The hearing—held by the Subcommittee on Cybersecurity, Information Technology, and Government...more
Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more
NAVEX’s annual report on the state of risk and compliance is a must read. Each year NAVEX supplies helpful insights that compliance professionals, corporate managers and board members can use to benchmark their respective...more
In 2022, the average cost of cybercrime has reached $4.35 million per organization, and the number of data breaches has climbed by 14%. But despite the rising frequency and impact of cyberattacks, many businesses still do not...more
Ransomware has been one of the top cyber threats in the past several years. Thanks to the WannaCry attack of 2017 and others, most people have heard of this type of cyber threat, but many do not know how it works, how to...more
The first half of 2022 brought plenty of activity in the data privacy and cybersecurity space, much of which is applicable to or of interest to the insurance industry. We outline some of this activity below. Revisions to...more
The onslaught of ransomware attacks by cybercriminals increases unabated every year, affecting everyone from mom and pop shops on Main Street to corporate lions of Wall Street. Hackers infiltrate an organization's computer...more
Ransomware attacks have become headline news in the mainstream media, and a hot topic not only on this blog but in government circles. And with good reason as the United States suffered a staggering 421.5 million ransomware...more
Where We Stand - This year kicks off against the backdrop of the security flaw found in Log4j, a system-logging code library widely used in applications and services across the Internet. In the aftermath of this crisis, a...more
Most businesses began 2021 with ambitions to return to the office. But in keeping with a trend of disruption, we are faced with new COVID variants, questions on when and how schools will respond, a cultural shift towards...more
Cyber liability insurance is becoming more ubiquitous, more unpredictable, and in some cases more confusing than ever, which makes understanding your risk even more critical in 2022. Join Woodruff Sawyer experts Dan Burke,...more
With high-profile cybersecurity incidents hitting the headlines, President Biden’s recent cybersecurity executive order seeks to strengthen security practices at federal agencies and government contractors. But what does the...more
With the exponential growth of cyber threats, cloud computing and remote working, contract provisions regarding data security requirements have also expanded in size and frequency. It has become common practice to prepare...more
Ransomware incidents continue to be on the rise, wreaking havoc for organizations globally. Ransomware attacks target an organization’s data or infrastructure, and, in exchange for releasing the captured data or...more
The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) recently issued a Ransomware Profile identifying steps organizations can take to prevent, respond to and recover from...more
As cyber adversary capabilities, opportunities and sophistication continue to grow, cyber incidents pose a very real, costly and potentially devastating threat to organizations around the world. With today's cyber ecosystem,...more