Nonprofit Quick Tips: State Filings in Alabama and Arkansas
Avoiding a Bored Board
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
Daily Compliance News: July 21, 2025, The More Reasons Not to Go to China Edition
10 For 10: Top Compliance Stories For the Week Ending July 19, 2025
Compliance Tip of the Day: COSO Governance Framework - Part 5, People
Compliance Tip of the Day: COSO Governance Framework: Part 4, Culture
Daily Compliance News: July 17, 2025, The COSO Yanked Edition
Compliance Tip of the Day: COSO Governance Framework: Part 2, Oversight
Compliance Tip of the Day: COSO Governance Framework: Part 1, Introduction
Daily Compliance News: July 14, 2025, The Secret Business Sauce-Reading Edition
Episode 377 -- Refocusing Due Diligence on Cartels and TCOs
10 For 10: Top Compliance Stories For the Week Ending, July 12, 2025
Daily Compliance News: July 11, 2025, The What is a COI Edition
Treating Compliance Like an Asset
Five Tips for a New Public Company Director
Compliance Tip of the Day: Assessing Internal Controls
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Compliance Tip of the Day: COSO Objective 4 - Control Information and Communication
Everything Compliance: Episode 156, To Document or Not Edition
A recent breach involving Indian fintech company Kirana Pro serves as a reminder to organizations worldwide: even the most sophisticated cybersecurity technology cannot make up for poor administrative data security hygiene....more
If you hang out with CISOs like I do, shadow IT has always been a difficult problem. Shadow IT refers to refers to “information technology (IT) systems deployed by departments other than the central IT department, to bypass...more
Let’s role-play the title “Chief Information Security Officer” (CISO) as various chess pieces, each representing different aspects of the challenges and responsibilities faced in this critical position. Examining these...more
RegFi co-hosts Jerry Buckley and Sherry Safchuk welcome Orrick partner Aravind Swaminathan for a conversation exploring the critical and evolving role of the Chief Information Security Officer in today’s corporate landscape.....more
Last month, the Director of the Division of Corporation Finance (“Director”) of the Securities and Exchange Commission (“SEC”) issued new guidance regarding disclosures of material cybersecurity incidents via Form 8-K under...more
Last week, Paul Hastings attended the Securities and Exchange Commission (SEC) Speaks 2024 event presented by the Practising Law Institute (PLI) in cooperation with the SEC on April 1 and 2. The SEC Speaks program provides...more
Amidst the relentless waves of pandemic-induced uncertainty, organizations found themselves at a crossroads, compelled to reimagine how their businesses operated. For example, when stay at home orders continued to be extended...more
The U.S. Securities Exchange Commission (SEC) recently adopted a final rule regarding cybersecurity risk management, governance, and incident reporting. The final rule went into effect on September 5, 2023, and disclosure...more
On January 30, 2024, McDermott Partners Edward (Jed) Gordon, Kate Vera, and Todd Kornfeld and Associate Allison McSorley Tassel discussed on a panel the current market conditions and shared different capital raising options...more
In 2023, the U.S. Securities and Exchange Commission (“SEC”) issued its now-fully implemented Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure Rule. The Rule reflects the reality that cybersecurity...more
On October 30, 2023, the SEC filed a litigated complaint against SolarWinds, a software development company, and Timothy Brown, its chief information security officer (CISO). The SEC alleges that from October 2018, when...more
This week, the SEC filed a high-profile litigation asserting fraud and internal controls charges against software company SolarWinds Corporation and its Chief Information Security Officer, Timothy G. Brown, in connection with...more
Where We Stand - This year kicks off against the backdrop of the security flaw found in Log4j, a system-logging code library widely used in applications and services across the Internet. In the aftermath of this crisis, a...more
Earlier this year, the National Association of Corporate Directors (NACD) released an updated version of its Director’s Handbook on Cyber-Risk Oversight (Handbook). The updates add 16 pages of content to the previously...more
A number of major carriers have suffered high-impact IT events in the past several months. Estimates of losses in these cases have exceeded £100m. This is on top of (no doubt significant) remedial costs, reductions in share...more
Earlier this week, President Obama, by Executive Order, established the Commission on Enhancing National Cybersecurity within the Department of Commerce. The commission will be comprised of up to 12 members including...more
The Federal Financial Institutions Examination Council (FFIEC) released a Cybersecurity Assessment Tool (CAT) on June 30, 2015, to assist organizations in identifying cyber risks and assessing their cybersecurity...more