News & Analysis as of July 24, 2025

Compliance › Chief Information Security Officer (CISO) › Data Security

+ Follow

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. ... more +

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -

Business resiliency needs to take centerstage if you want to keep pace with cyber threats and supply chain disruptions

NAVEX on 4/2/2025

2024 was a year of numerous and notable cybersecurity failures – although, to be fair, most years are now marred by numerous and notable cybersecurity failures. That’s no longer anything special. What makes 2024 interesting...more

New York’s Department of Financial Services Amplifies its Cybersecurity Regulations

Patterson Belknap Webb & Tyler LLP on 11/14/2023

On November 1, 2023, the New York State Department of Financial Services (“DFS”) amended its cybersecurity regulations to institute additional standards and controls aimed at securing sensitive data among the financial...more

Episode 282 -- CISO and CCOs -- The Evolving Partnership

The Volkov Law Group on 7/23/2023

If you ask corporate board members and senior executives to list their number one risk (other than financial operations), the answer in today’s risk environment is clear – cybersecurity and data privacy. The rapid elevation...more

The Cyber Compliance Imperative: Bringing Employees Together with Technology (Part III of IV)

The Volkov Law Group on 7/13/2023

It is easy to get lost in the technology world of cyber security – the information technology business relies on lots of acronyms, techno-speak and function-specific terminology. In responding to a cyber and data security...more

[Webinar] Security Compliance at Scale - December 13th, 12:00 pm - 1:30 pm CT

Society of Corporate Compliance and Ethics... on 12/1/2022

Learning Objectives: - Learn the technical dos and don’ts in implementing security compliance frameworks such as SOC 2, ISO 27001 and HIPAA - Discussion about why security compliance is so critical for organizations...more

The Complicated Tango of Compliance & Cybersecurity

NAVEX on 8/30/2021

A ransomware attack is no company’s idea of a good time, but I do sense one positive development emerging from the epidemic of attacks we’ve witnessed this year: Boards and senior management agree that they must move beyond a...more

CMMC Is Coming: How Government Contractors Can Prepare

NAVEX on 4/14/2021

People like to say that cybersecurity threats are constantly evolving. So perhaps it’s fitting that cybersecurity compliance is undergoing a significant evolution of its own this year, too. That evolution is the arrival of...more

4 Things to Know About Updated NIST 800-53 Standards

NAVEX on 3/31/2021

[author: Matt Kelly] In September 2020 the National Institute of Standards and Technology (NIST) unveiled the fifth version of its cybersecurity standard formally known as SP 800-53, “Security and Privacy Controls for...more

8 Results

/

View per page

Page: of 1