News & Analysis as of September 9, 2025

Information Security

+ Follow

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -

We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One

Jackson Lewis P.C. on 8/14/2025

Written Information Security Programs, commonly referred to as WISPs, are critical plans to have in place – not only to efficiently and effectively respond to ransomware attacks and data breaches when they occur – but to...more

What Does the SEC’s Complaint Against SolarWinds Mean for CISOs and Boards?

Skadden, Arps, Slate, Meagher & Flom LLP on 11/7/2023

On October 30, 2023, the SEC filed a litigated complaint against SolarWinds, a software development company, and Timothy Brown, its chief information security officer (CISO). The SEC alleges that from October 2018, when...more

Why a Right-Sized MDR Solution May Be Better Than One-Size-Fits-All

Ankura on 4/24/2023

When it comes to providing Managed Detection and Response (MDR) solutions for businesses, the idea of one size fits all is being replaced by the concept of right-sizing. A one-size-fits-all option is a preconfigured security...more

Are You a Financial Institution? GLBA Law & Compliance

Oberheiden P.C. on 6/15/2021

The Gramm-Leach-Bliley Act (GLBA) is a federal law that establishes various legal requirements for companies that qualify as “financial institutions” under the Act. The GLBA’s definition of a “financial institution” is...more

[Webinar] Top Risk Management Lessons from the SolarWinds Hack - January 27th, 10:00 am - 11:00 am PT

NAVEX on 1/18/2021

Last month there was a cyber-attack suspected to have been perpetrated by Russian hackers. The attack was traced back to third party – a network management software vendor, SolarWinds. Among its 300,000 customers, SolarWinds...more

4 Ways to Protect ePHI Beyond HIPAA Compliance

NAVEX on 8/14/2020

Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more

[Event] April Basic Compliance & Ethics Academy - April 27th - 30th, Chicago, IL

Society of Corporate Compliance and Ethics... on 1/23/2020

Our Basic Academies are ideal for professionals with some compliance knowledge and experience who are ready to support, enhance and manage a comprehensive compliance program. They are taught by compliance professionals,...more

[Event] CCPA Compliance: An Interactive Workshop - Multiple Dates/Locations, February 11th - 24th

McDermott Will & Schulte on 1/16/2020

Effective as of January 1, 2020, the California Consumer Privacy Act (CCPA) gives broad rights to people on their personal data in the custody of companies. This focus on data rights significantly raises the compliance burden...more

[Event] CCPA Compliance: An Interactive Workshop - Multiple Dates/Locations, Jan. 22nd - 30th

McDermott Will & Schulte on 1/14/2020

[Event] March Basic Compliance & Ethics Academy - March 2nd - 5th, San Diego, CA

Society of Corporate Compliance and Ethics... on 1/13/2020

Could a Vendor’s Lax Info Security Ruin Your Holiday Sales? Seven Preventative Steps for Retailers

Perkins Coie on 10/26/2015

Many of the largest retailer data security breaches have been caused or enabled by the acts or omissions of retailers’ vendors, such as the widely publicized incident at Target Corporation. Several such breaches occurred...more

Unmasking Information Governance: What is it and how do I move it forward in my organization?

Robinson+Cole Data Privacy + Security Insider on 10/15/2015

The heightened state of information security in recent years has instigated genuine collaboration, in many organizations, amongst its professionals in IT, records, security, risk, compliance, and other stakeholders in...more

Under the Thumb: Regulatory Compliance When Outsourcing Cybersecurity Management

Pillsbury - Global Sourcing Practice on 8/27/2015

Managed security services are often a natural “add-on” when outsourcing IT services given that data protection is integral to application development, software as a service, and cloud storage, among other services. More...more

Actions Foreshadow Uniform Cybersecurity Regulations for Federal Contractors - Two Recent Executive Agency Actions Lay the...

Holland & Knight LLP on 7/17/2015

Federal government contractors handling Controlled Unclassified Information (CUI) should take notice of two recent executive agency actions. Combined, they lay the groundwork for a new cybersecurity clause to be added to the...more

Employer BYOD Concerns: Part 2 of It's 2013. Do You Know Where Your BYOD Policies Are?

Pillsbury - Global Sourcing Practice on 5/14/2013

In Part 2 of "It's 2013. Do You Know Where Your BYOD Policies Are?" we will discuss employer BYOD concerns. Check out Part 1 to learn more about employee interests; Part 3 will present developing trends and suggest best...more

15 Results

View per page

Page: of 1

Compliance › Data Protection › Information Security

"My best business intelligence, in one easy email…"