News & Analysis as of September 12, 2025

Cybersecurity

+ Follow

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -

Compliance Under Pressure: Audit Readiness for Healthcare Providers

Hanzo on 9/5/2025

In today’s healthcare environment, compliance is a defining element of patient care quality, operational integrity, and public trust. Oversight from agencies such as the Office for Civil Rights (OCR), the Centers for Medicare...more

Avoid the October Surprise: What You Need to Know About DOJ’s New Data Security Program

Warner Norcross + Judd on 8/13/2025

The Department of Justice’s (“DOJ”) Data Security Program (“the Program”, 28 C.F.R. Part 202) went into effect on April 8 with a 90-day period of limited enforcement. With DOJ now expecting full compliance, with additional...more

Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast

Troutman Pepper Locke on 8/5/2025

In this episode of Payments Pros, Carlin McCrory is joined by Pete Jeydel, a partner in the firm's White Collar Litigation + Investigations Practice Group, to discuss the new Department of Justice (DOJ) Data Security Program...more

What the Sensitive Data Rule means for “bulk data” and National Security compliance

Constangy, Brooks, Smith & Prophete, LLP on 8/1/2025

As of July 9, the U.S. Department of Justice has begun full enforcement of a sweeping new data regulation known as the Sensitive Data Rule, or “SDR.” Implemented under President Biden’s Executive Order 14117, the SDR marks a...more

Privacy, Data and Cybersecurity Quick Clicks | Issue 31

Katten Muchin Rosenman LLP on 8/1/2025

Katten's Privacy, Data and Cybersecurity Quick Clicks is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe....more

California’s New CCPA Cybersecurity Audit Regulations: A Roadmap to “Reasonable” Security?

Wyrick Robbins Yates & Ponton LLP on 7/31/2025

Last week, the California Privacy Protection Agency (“Agency”) approved adoption of detailed new regulations under the CCPA that will include (among other notable components) a rule requiring annual cybersecurity audits for...more

Innovation in Compliance: The Future of Compliance Training: AI, Adaptive, Learning, and Cultural

Thomas Fox - Compliance Evangelist on 7/31/2025

Innovation comes in many areas, and compliance professionals must be ready for and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning...more

Slush 2025 Survey: Startup Struggles Expose Risk, Resilience, and Opportunities for Governance Pros

HaystackID on 7/30/2025

The latest Startup Struggle Survey by Slush* reveals that European startup founders are facing a tighter and more uncertain business environment in 2025. Based on insights from 607 early-stage founders, the grassroots report...more

Harnessing AI Under ERISA: A Compliance and Oversight Guide for Retirement and Health Plan Fiduciaries

Jackson Lewis P.C. on 7/30/2025

It is increasingly evident that artificial intelligence (AI) is reshaping all facets of business, and its impact on employee benefit plans is no exception. From automating plan administration to personalizing participant...more

No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats

Carlton Fields on 7/29/2025

On this episode, hosts Jack Clabby of Carlton Fields and Kayley Melton, executive director of operations at the Cognitive Security Institute, sit down with Kurt Sanger — a seasoned cyber law leader and former deputy general...more

California Adopts Regulations on Cybersecurity Audits

Shook, Hardy & Bacon L.L.P. on 7/29/2025

California has approved new regulations requiring some companies to conduct annual audits of their cybersecurity programs, including the policies, procedures, and practices for protecting personal information. On July 24,...more

Ohio’s Cyber Law For Local Governments: 5 Steps Over 75 Days to Meet the September 29 Deadline

Dickinson Wright on 7/25/2025

In its FY 2026 budget, Ohio quietly folded in a sweeping cybersecurity mandate that will require every “political subdivision” to have a cybersecurity program that aligns with recognized industry frameworks and adopt strict...more

Data Loss Prevention in the Age of AI: A New Landscape Demands New Approaches

Lighthouse on 7/23/2025

Learn how to enhance your approach to data loss prevention with AI in mind, including what capabilities are essential for your organization and how to deploy Microsoft Purview DLP to address your needs. The information...more

ICO Annual Report Provides Insight Into Data Protection Risks for Businesses

Paul Hastings LLP on 7/22/2025

The UK Information Commissioner’s Office’s (the ICO’s) latest Annual Report summarises its accomplishments and priorities, including last year’s enforcement actions. Based on our review of the report, we see the ICO focusing,...more

China Monthly Data Protection Update: July 2025

Dacheng on 7/22/2025

This monthly report outlines key developments in China’s data protection sector for July. The following events merit special attention: CAC Issues Third Edition of the Data Export Security Assessment Application Guide: On...more

CHINA: DPOs Must Be Registered Before 29 August 2025

DLA Piper on 7/21/2025

While appointing and registering a DPO has been mandatory in China for many years, a portal has now finally been established for organisations to register those DPOs with the China data protection authority. This resolves...more

AI Summaries in Google Discover: Rethinking Information Governance, Discovery, and Security

HaystackID on 7/18/2025

In a bold initiative to integrate AI across various platforms, Google has launched AI-generated summaries in its Discover product, a personalized news feed widely accessible on Android and iOS devices. These AI summaries...more

Inside the SK Telecom Data Breach: What Happened and What Companies Can Learn

Alston & Bird on 7/17/2025

In April 2025, SK Telecom—South Korea’s largest mobile carrier—formally notified regulators of a significant data breach that compromised sensitive SIM card data belonging to nearly 27 million users. Following an...more

Key Business Litigation & Transaction Trends Every Executive Must Know in 2025

Segal McCambridge on 7/17/2025

As we continue to navigate 2025, business leaders face an increasingly complex legal landscape shaped by technological advancements, evolving regulations, and dynamic market conditions. Understanding these emerging trends is...more

Episode 36: Let’s Talk Compliance: The Risks and Pitfalls of Health Care Supply Chain Compliance

Foley & Lardner LLP on 7/17/2025

In this episode, Monica Chmielewski, vice chair of Foley’s Health Care Practice Group and Shannon Sumner, Chief Compliance Officer and Nashville’s Office Managing Principal of PYA explore how supply chain compliance is...more

Navigating Cloud Forensics in Complex Investigations

J.S. Held on 7/16/2025

Introduction: Understanding Cloud Data in the Modern Digital Landscape - In today’s hyper-connected digital world, we interact with vast amounts of data, much of which isn’t stored locally on our devices but instead...more

DOJ’s 90-Day Data Security Compliance Grace Period is Over: Are You Compliant?

Sheppard Mullin Richter & Hampton LLP on 7/15/2025

The U.S. Department of Justice (“DOJ”) Data Security Program (“DSP”) 90-day enforcement grace period ended as of July 8, 2025. While the program became effective April 8, 2025, DOJ implemented a 90-day enforcement grace...more

The EU’s New Cybersecurity Law for the Space Sector

Skadden, Arps, Slate, Meagher & Flom LLP on 7/9/2025

On 25 June 2025, the European Commission announced its proposal for a “Space Act” that would introduce a new regulatory framework for EU space activities. The proposed framework includes cyber-resilience obligations for EU...more

#Risk New York Speaker Series – Exploring Future Regulatory Trends and Compliance Strategies with Rory McGrath

Thomas Fox - Compliance Evangelist on 7/7/2025

Join Tom Fox and hundreds of other GRC professionals in the city that never sleeps, New York City, on July 9 & 10 for one of the top conferences around, #Risk New York. The current US landscape, shaped by evolving policies,...more

#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.

Thomas Fox - Compliance Evangelist on 6/23/2025

346 Results

View per page

Page: of 14

Compliance › Data Privacy › Cybersecurity

"My best business intelligence, in one easy email…"