What to Do When Leadership Doesn’t Take Compliance Seriously
Data Driven Compliance: Understanding the ECCTA and Its Impact with Jonathan Armstrong
Innovation in Compliance: Operationalizing Trust at Scale: A Conversation with Amanda Carty on Compliance and AI
Hill Country Authors – Exploring the Challenges of a Green Transition with Tom Ortiz
Compliance into the Weeds: A Deep Dive into Cadence Design Systems’ Export Control Violations
Daily Compliance News: August 5, 2025, The Staying Focused Edition
Adventures in Compliance: The Novels - The Valley of Fear, Introduction and Compliance Lessons Learned
FCPA Compliance Report: Navigating Corporate Scandals: Insights on Governance, Compliance, and Recovery with Steve Vincze
Daily Compliance News: August 1, 2025, The All AI Edition
Episode 381 -- NAVEX's 2025 Annual Hotline Report
12 O’Clock High, a podcast on business leadership: Building Trust and Relationships: The Power of Compliance and Ethics with Jacqui Pruet
Data Driven Compliance: Understanding the ECCTA and Its Impact on Fraud Prevention with Vince Walden
What’s in Your Operating Agreement? Legal Tips for Healthcare Providers
Nonprofit Quick Tips: State Filings in Alabama and Arkansas
Innovation in Compliance: Scaling Compliance Programs: Insights from a Navy Veteran and Compliance Leader
Compliance Tip of the Day: Strategies for Embedding Compliance into your Organization
10 For 10: Top Compliance Stories For the Week Ending, July 26, 2025
Compliance and AI: Navigating Risk Management in the AI Era with Gaurav Kapoor
Daily Compliance News: July 25, 2025, The New Sheriff in Town Edition
When we write about data privacy, it’s easy to default to talking to “privacy professionals.” But take a look at the privacy management industry: The privacy program managers, chief privacy officers, and other purely...more
The first year of a new significant regulatory obligation is often more notable for the absence of regulatory enforcement actions as regulators often observe compliance efforts and challenges, offer guidance, and look for...more
Let’s role-play the title “Chief Information Security Officer” (CISO) as various chess pieces, each representing different aspects of the challenges and responsibilities faced in this critical position. Examining these...more
The SEC on Oct. 22, 2024, announced charges against four companies for allegedly making materially misleading disclosures concerning the impact of cybersecurity incidents associated with the compromised SolarWinds' Orion...more
Our corporate team outline the latest developments within the corporate and finance market in Bermuda including Bermuda’s Corporate Income Tax Act 2023, Cyber risk management and The Bermuda Monetary Authority's enhancements...more
Section 13(b)(2)(B) of the Securities Exchange Act of 1934 requires public companies to “devise and maintain a system of internal accounting controls.” In a recent opinion, a New York federal court rejected the Securities...more
The U.S. District Court for the Southern District of New York has dismissed many of the Securities and Exchange Commission’s (SEC’s) claims against software development company SolarWinds and its chief information security...more
RegFi co-hosts Jerry Buckley and Sherry Safchuk welcome Orrick partner Aravind Swaminathan for a conversation exploring the critical and evolving role of the Chief Information Security Officer in today’s corporate landscape.....more
This Holland & Knight blog post is the second installment in a two-part series that examines the challenges to the U.S. Securities and Exchange Commission's (SEC) charges in its landmark case against SolarWinds Corp....more
On July 18, 2024, District Court Judge Engelmayer of the Southern District of New York issued his 107-page opinion and order dismissing most – but not all – of the landmark allegations of the SEC against SolarWinds Corp. and...more
On July 18, a New York federal judge threw out most of the SEC’s claims brought against both SolarWinds Corp. and the company’s chief information security officer (CISO), Timothy Brown....more
On July 18, Judge Paul Engelmayer of the Southern District of New York issued a lengthy order dismissing the majority of the SEC’s enforcement case against SolarWinds Corporation (SolarWinds) and its CISO, Timothy Brown. The...more
The SEC continues to expand its cybersecurity enforcement authority to include allegations that a company's failure to monitor its managed security service providers (MSSP) amounts to violations of federal securities laws....more
The SEC has been aggressively pursuing cybersecurity investigations and enforcement actions against public companies and foreign private issuers. In these actions, the SEC often alleges one of two theories: 1) that the...more
Managing these risks at a single company should be straightforward. Executives and CISOs may be personally held accountable for cyber failings, negligence, breaches, and inadequate disclosure around cyber vulnerabilities and...more
A number of significant regulatory, legal, market, and ESG-related developments and issues will affect how public companies approach the upcoming year-end reporting process. As in past years, Mintz has prepared an in-depth...more
On November 1, 2023, the New York State Department of Financial Services (“DFS”) amended its cybersecurity regulations to institute additional standards and controls aimed at securing sensitive data among the financial...more
Partner and co-head of Skadden’s Cybersecurity and Data Privacy practice David Simon recently sat down with two chief information security officers (CISOs) from the private equity sector as part of the firm’s National Cyber...more
This week, the SEC filed a high-profile litigation asserting fraud and internal controls charges against software company SolarWinds Corporation and its Chief Information Security Officer, Timothy G. Brown, in connection with...more
Any time a regulation is put forth, there is always a level of uncertainty, especially regarding understanding the roles and responsibilities of key business leaders. The SEC’s new cybersecurity final rule means heightened...more
The SEC, by a 3-2 vote, has adopted new rules requiring companies to provide: ..current disclosure on Form 8-K within four business days of determining that a material cybersecurity incident has occurred; and ...more
Clearly defined roles and responsibilities are an essential component of an effective compliance program. Failure to adequately assign responsibility can lead to gaps in compliance coverage and a lack of accountability. ...more
Most chief compliance officers (CCOs) are not technology experts, just as chief information security officers (CISOs) are not regulatory compliance experts. But as a strategic partnership, these two functions play an...more
As our business environment becomes more complex and regulated, it is crucial for organizations to stay on top of their risk and compliance priorities. In this webinar, leaders in compliance and statistical research will...more
ChatGPT really is a marvelous technology – an artificial intelligence designed to answer just about any question a person might ask it – and yet, somehow, it leaves CISOs and compliance officers with even more questions....more