Steps Your Nonprofit Can Take to Mitigate Fraud Risks - Part 2
A Third Party's Perspective on Third Party Risk
Why Time Matters: Partners Lindsay Gerdes and Michael J. Bronson on Swift Action in Government Investigations
Consumer Finance Monitor Podcast Episode: Why do Fintechs Want to Become Banks?
Privacy Issues from Third-Party Website Tags
What's the Tea in L&E? Employee Devices: What is #NSFW?
Episode 331- NAVEX State of Risk and Compliance Programs
What the Board Should Be Asking About the Compliance Program
Video: Artificial Intelligence Use in Political Campaigns
Episode 329 -- Bryn Sedlacek from Aravo on TPRM Holistic Risks and Unified Visibility
Compliance Lessons from Dating in Your 50s
The Justice Insiders Podcast - AI-Washing: Everything Old Is New Again
The AI Shakeup: New Tech Innovations and the Future of Corporate Law
Principled Podcast: S11E7 | Fortifying Ethical Frameworks: Navigating Emerging Risks in the Middle East
Managing Compliance Risk for Human Trafficking and Modern Slavery
Common Scenarios Triggering False Claims Act Violations, Part 3: Claims and Investigations
Navigating Bank-Fintech Partnerships: Avoiding Common Pitfalls — The Consumer Finance Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
Revisiting Financial Institution Incentive Compensation Rules Under Dodd-Frank — The Consumer Finance Podcast
Episode 325 -- AI and Emerging Compliance Frameworks
On August 21, 2024, the United States Cybersecurity and Infrastructure Security agency, alongside government agencies in key global allies, including Australia, the UK, Canada, and Japan, released guidance on event logging...more
Everyone thinks they can spot a phishing email. If true, we would not see so many security incidents, data breaches, and ransomware attacks. The statistics are overwhelming that phishing emails are a significant cause of data...more
Today’s ever-changing global threat environment—shaped by factors including geopolitical upheaval, sanctions, cyberthreats and ransomware attacks, pandemics and natural disasters, and artificial intelligence and emerging...more
In response to “multiple” cyber threat vectors, the Biden administration has asked governors of all 50 states to generate cybersecurity plans within 90 days (approximately July 1, 2024) to protect local water and wastewater...more
If you read about the world of hackers and cyber threats, you will quickly become numb to the creativity and variety of techniques that may threaten your organization. Like all risks, however, the key is to consider...more
On May 16, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) released three advisories applicable to Industrial Control Systems (ICS). The Alerts cover vulnerabilities of Snap One OvrC Cloud, Rockwell...more
Researchers at WithSecure cybersecurity firm have seen two malware attacks against Veeam Backup and Replication servers believed to be initiated by cybercrime group FIN7, also known as Carbon Spider, which has also been...more
On November 18, 2022, the U.S. Department of Justice (“DOJ”) announced charges against ten defendants across Georgia, South Carolina and Virginia, resulting from a scheme that allegedly targeted Medicare, state Medicaid...more
The Cybersecurity & Infrastructure Security Agency (CISA) recently issued an Alert outlining the top Common Vulnerabilities and Exposures (CVEs) that have been used by the People’s Republic of China (PRC) state-sponsored...more
The U.S. government has steadily increased its warnings about malicious cyber activity by Russia and other sophisticated persistent adversaries. Following several warnings from the Federal Bureau of Investigation (FBI) and...more
This week the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Agency (CISA) issued a “SHIELDS UP” advisory. While it does not identify specific threats in the advisory, CISA states that the “Russian...more
Although executives of organizations report that ransomware is their number one security concern, and 87 percent of them expect an increase in cyber-attacks against their organizations over the next year, only one-third of...more
As the COVID-19 pandemic continues and our health system is pushed to and beyond capacity, lawmakers and stakeholders are assessing different ways to handle the incredible volume of patients suddenly needing care. One...more
As the situation concerning COVID-19 continues to evolve, we wanted to be sure you were aware of several recent developments related to the water sector in California....more
On March 11, 2020, the World Health Organization declared that COVID-19 is now a pandemic. The effects continue to be felt in the United States, which now has well over 1,000 confirmed novel Coronavirus disease (COVID-19)...more
Although COVID-19 is not the first pandemic to hit the United States, the virus has thrown the country into uncharted territory as federal and state governments and agencies struggle to contain the virus’s quick-moving...more
The conference I was supposed to speak at next week was just cancelled, as many are and will be, due to coronavirus concerns. The topic was “Insider Threats and How to Mitigate Them.”...more
A cyberattack on a single gas compression facility resulted in the shutdown of a natural gas pipeline for two days, according to a recent alert from the US Department of Homeland Security’s Cybersecurity and Infrastructure...more
The Ponemon Institute recently issued its 2020 Cost of insider Threats Global Report, which finds that the frequency and cost of insider threats is continued to increase. Sponsored by ObserveIT and IBM, the 2020 report is the...more
What on earth are these players thinking? We now have our third noteworthy example from the last few years of a player live-streaming his coach’s postgame victory speech on a social media platform....more
On March 26, 2019, President Trump signed an executive order (EO) to “establish[] the first ever comprehensive whole-of-government policy to build resilience and protect against electromagnetic pulses” (EMPs), which can cause...more
According to the 2019 Verizon Insider Threat Report, 20 percent of all cybersecurity incidents and 15 percent of data breaches in 2018 were caused by insiders—that is, employees or partner organizations....more
While cyberattacks continue to increase in number, health care organizations face some of the greatest risks. According to the Health Sector Coordinating Council (HSCC) — a coalition of industry associations that operates in...more
As industry comes up on the one-year anniversary of the publication of Change 2 to the National Industrial Security Program Operating Manual (NISPOM)1, a number of implementation deadlines are drawing near. This blog post...more