News & Analysis as of

Compliance Regulatory Requirements Cybersecurity

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. ... more +
Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations.  In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -
Constangy, Brooks, Smith & Prophete, LLP

What the Sensitive Data Rule means for “bulk data” and National Security compliance

Constangy, Brooks, Smith & Prophete, LLP on

As of July 9, the U.S. Department of Justice has begun full enforcement of a sweeping new data regulation known as the Sensitive Data Rule, or “SDR.” Implemented under President Biden’s Executive Order 14117, the SDR marks a...more

Wyrick Robbins Yates & Ponton LLP

California’s New CCPA Cybersecurity Audit Regulations: A Roadmap to “Reasonable” Security?

Wyrick Robbins Yates & Ponton LLP on

Last week, the California Privacy Protection Agency (“Agency”) approved adoption of detailed new regulations under the CCPA that will include (among other notable components) a rule requiring annual cybersecurity audits for...more

Woods Rogers

DOD Poised to Finalize CMMC Requirements for Government Contractors

Woods Rogers on

For contractors within the Defense Industrial Base (DIB), the time to ensure compliance with the Department of Defense’s (DOD) Cybersecurity Maturity Model Certification program (CMMC) 2.0 is now. DOD formally sent the final...more

Shook, Hardy & Bacon L.L.P.

California Adopts Regulations on Cybersecurity Audits

Shook, Hardy & Bacon L.L.P. on

California has approved new regulations requiring some companies to conduct annual audits of their cybersecurity programs, including the policies, procedures, and practices for protecting personal information. On July 24,...more

Mayer Brown

China Proposes Amendments to the Cybersecurity Law

Mayer Brown on

INTRODUCTION - Almost eight years after the Cybersecurity Law (“CSL”) came into force in the PRC in 2017, the Cyberspace Administration of China (“CAC”) issued draft amendments to the CSL (“2025 Draft Amendments”) on 28...more

Dickinson Wright

Ohio’s Cyber Law For Local Governments: 5 Steps Over 75 Days to Meet the September 29 Deadline

Dickinson Wright on

In its FY 2026 budget, Ohio quietly folded in a sweeping cybersecurity mandate that will require every “political subdivision” to have a cybersecurity program that aligns with recognized industry frameworks and adopt strict...more

Thomas Fox - Compliance Evangelist

Compliance and AI: Navigating Risk Management in the AI Era with Gaurav Kapoor

Thomas Fox - Compliance Evangelist on

What is the role of Artificial Intelligence in compliance? What about Machine Learning? Are you using ChatGPT? These questions are just three of the many we will explore in this cutting-edge podcast series, Compliance and AI,...more

Skadden, Arps, Slate, Meagher & Flom LLP

The Last Piece of DORA Falls Into Place: 10 Lessons From the First Six Months

Skadden, Arps, Slate, Meagher & Flom LLP on

- What is new: The EU’s Delegated Regulation on Subcontracting has come into force, completing the legal framework of the Digital Operational Resilience Act (DORA). Attention will now turn to enforcement. - Why it matters:...more

Paul Hastings LLP

ICO Annual Report Provides Insight Into Data Protection Risks for Businesses

Paul Hastings LLP on

The UK Information Commissioner’s Office’s (the ICO’s) latest Annual Report summarises its accomplishments and priorities, including last year’s enforcement actions. Based on our review of the report, we see the ICO focusing,...more

DLA Piper

CHINA: DPOs Must Be Registered Before 29 August 2025

DLA Piper on

While appointing and registering a DPO has been mandatory in China for many years, a portal has now finally been established for organisations to register those DPOs with the China data protection authority. This resolves...more

Alston & Bird

SEC Withdraws Proposed Cyber-Related Rule Applicable to Broker-Dealers And Signals SolarWinds Settlement on the Horizon

Alston & Bird on

The Securities and Exchange Commission (SEC) recently announced the withdrawal of several Biden-era regulations, including a proposed rule that would have required a broad range of platforms and financial intermediaries (such...more

McCarter & English Blog: Government Contracts...

FAR 2.0 Part 39 in Arcade Mode—How Federal IT Acquisition Just Hit Reset

McCarter & English Blog: Government Contracts... on

For those who grew up gripping a joystick and dodging alien fire in Defender, riding ostriches through floating platforms in Joust, or crossing a hectic freeway in Frogger, winning wasn’t about memorizing rules; it was about...more

ArentFox Schiff

Have You Enrolled in EDGAR Next? Enrollment Deadline Approaching

ArentFox Schiff on

In September 2024, the US Securities and Exchange Commission (SEC) adopted rule changes to its Electronic Data Gathering, Analysis, and Retrieval (EDGAR) file access and account management system (EDGAR Next), which went into...more

American Conference Institute (ACI)

[Webinar] Top 5 Game-Changing Regulatory Shifts Impacting Financial Compliance and Board Accountability - September 24th, 1:00 pm...

American Conference Institute (ACI) on

Don’t miss this complimentary webinar spotlighting the five most pressing regulatory developments reshaping compliance in Canada’s financial sector. From board-level liability, to shifting enforcement priorities, get up to...more

Dacheng

Decoding the Regulation of “Important Data” in China and the U.S.: Similarities and Differences, Compliance Obligations, and...

Dacheng on

With the rapid development of informatization, how to better safeguard national security in an increasingly complex information environment has become a critical consideration in digital legislation. A key issue within this...more

HaystackID

AI Summaries in Google Discover: Rethinking Information Governance, Discovery, and Security

HaystackID on

In a bold initiative to integrate AI across various platforms, Google has launched AI-generated summaries in its Discover product, a personalized news feed widely accessible on Android and iOS devices. These AI summaries...more

Alston & Bird

Inside the SK Telecom Data Breach: What Happened and What Companies Can Learn

Alston & Bird on

In April 2025, SK Telecom—South Korea’s largest mobile carrier—formally notified regulators of a significant data breach that compromised sensitive SIM card data belonging to nearly 27 million users. Following an...more

Segal McCambridge

Key Business Litigation & Transaction Trends Every Executive Must Know in 2025

Segal McCambridge on

As we continue to navigate 2025, business leaders face an increasingly complex legal landscape shaped by technological advancements, evolving regulations, and dynamic market conditions. Understanding these emerging trends is...more

Clark Hill PLC

Key lessons on the False Claims Act for government contractors after Raytheon’s $8.4 million settlement

Clark Hill PLC on

Government contractors should be on high alert following the recent announcement that Raytheon Company, its parent RTX Corporation, and Nightwing Group, LLC, have agreed to pay $8.4 million to resolve allegations of violating...more

J.S. Held

Navigating Cloud Forensics in Complex Investigations

J.S. Held on

Introduction: Understanding Cloud Data in the Modern Digital Landscape - In today’s hyper-connected digital world, we interact with vast amounts of data, much of which isn’t stored locally on our devices but instead...more

DLA Piper

GPAI Code of Practice – Final Version Published by European Commission

DLA Piper on

The European Commission has published the final version of a general-purpose AI (“GPAI”) Code of Practice. We took a deeper look into it and prepared a short summary to help you understand what the GPAI Code of Practice is,...more

A&O Shearman

EU RTS on subcontracting ICT services supporting critical or important functions under DORA published in OJ

A&O Shearman on

Commission Delegated Regulation (EU) 2025/532 has been published in the Official Journal of the European Union. The Delegated Regulation supplements the Digital Operational Resilience Act (DORA) with regard to regulatory...more

Baker Botts L.L.P.

EU Releases General-Purpose AI Code of Practice

Baker Botts L.L.P. on

On July 10, 2025, the EU published its Code of Practice for General-Purpose AI Models, a comprehensive, though not exhaustive, framework designed to guide Artificial Intelligence ("AI") providers in complying with the...more

Skadden, Arps, Slate, Meagher & Flom LLP

The EU’s New Cybersecurity Law for the Space Sector

Skadden, Arps, Slate, Meagher & Flom LLP on

On 25 June 2025, the European Commission announced its proposal for a “Space Act” that would introduce a new regulatory framework for EU space activities. The proposed framework includes cyber-resilience obligations for EU...more

Morrison & Foerster LLP

NIS 2: Strengthening Europe’s Cyber Defenses

Morrison & Foerster LLP on

European cybersecurity risk management and reporting obligations have received a substantial facelift. The Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the EU (“NIS 2”) became effective...more

175 Results
 / 
View per page
Page: of 7
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide