News & Analysis as of

Cybersecurity Risk Management Software

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Robinson+Cole Data Privacy + Security Insider

Google Releases June Security Bulletin for Android Devices to Fix Vulnerabilities

Robinson+Cole Data Privacy + Security Insider on

Google recently issued its June Android Security Bulletin that is designed to patch 34 vulnerabilities, all of which Google designates as high-severity defects. The most serious flaw the patch is designed to fix in the...more

Hogan Lovells

Threat actors increasingly introducing malicious code into open source packages

Hogan Lovells on

The risks associated with leveraging open source libraries, and the review needed, are increasing. In the first half of 2025, cybersecurity researchers observed a sharp rise in the incidence of malicious code embedded in...more

Alston & Bird

European Vulnerability Database Published by the European Union Agency for Cybersecurity

Alston & Bird on

The European Union Agency for Cybersecurity (ENISA) has launched the European Vulnerability Database (EUVD), a tool designed to enhance digital security across the EU. The EUVD is available here....more

Morgan Lewis - Tech & Sourcing

The Latest Trends in Moving ERP Systems to the Cloud

Morgan Lewis - Tech & Sourcing on

According to Forbes, “in 2025, the landscape of enterprise resource planning (ERP) is set for a thrilling transformation,” with a shift toward cloud-native ERP solutions at the top of the list....more

NAVEX

A Call to Do Better at Vendor Security Risks

NAVEX on

Technology vendors everywhere want to serve big Wall Street banks, so when one of those banks talks about risks they see in their software supply chain, compliance and audit professionals should listen – which brings us to an...more

Alston & Bird

UK Publishes Software Security Code

Alston & Bird on

Cyber security supply chain risks are growing, and attacks on vendors and other third parties cause severe disruption to businesses. For example, in recent years we have seen many incidents that have involved threat actors...more

Mitratech Holdings, Inc

EU Cyber Resilience Act: How to Prepare Now

Mitratech Holdings, Inc on

The EU Cyber Resilience Act (CRA), adopted by the European Parliament in 2024, marks a major milestone in European cybersecurity legislation. As the first EU-wide law focused on the cybersecurity of digital products, it...more

Carlton Fields

No Password Required: CEO of HACKERverse.ai, Disruptor of Cybersecurity Sales and Most Other Things

Carlton Fields on

On this episode, we sit down with Mariana Padilla, CEO and co-founder of HACKERverse.ai — an AI-driven platform transforming how cybersecurity solutions are tested and purchased. From her early days in education and...more

Robinson+Cole Data Privacy + Security Insider

SAP NetWeaver Visual Composer Requires Urgent Patch

Robinson+Cole Data Privacy + Security Insider on

SAP Netweaver Visual Composer users are urged to patch a critical vulnerability that attackers are actively exploiting. According to ReliaQuest, which detected the vulnerability, the attacks allow full system compromise...more

PilieroMazza PLLC

SWIFT to Launch May 1: DOD Fast Tracks Software Deployment Opening New Doors for Defense Contractors

PilieroMazza PLLC on

In a decisive move to stay ahead in an era of rapidly evolving digital threats, the Department of Defense (DOD) is accelerating its push for software modernization. The upcoming launch of the Software Fast Track (SWIFT)...more

Robinson+Cole Data Privacy + Security Insider

WhatsApp Patches Vulnerability That Facilitates Remote Code Execution

Robinson+Cole Data Privacy + Security Insider on

WhatsApp users should update the application for vulnerability CVE-2025-30401, which Meta recently patched when WhatsApp was released for Windows version 2.2450.6....more

Robinson+Cole Data Privacy + Security Insider

CISA Issues Malware Analysis Report on RESURGE Malware

Robinson+Cole Data Privacy + Security Insider on

On March 28, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released a Malware Analysis Report (MAR) on RESURGE malware, which is associated with the product Ivanti Connect Secure....more

Sheppard Mullin Richter & Hampton LLP

FedRAMP 20x – Major Overhaul Announced to Streamline the Security Authorization Process for Government Cloud Offerings

Sheppard Mullin Richter & Hampton LLP on

On March 24, 2025, the Federal Risk and Authorization Management Program (“FedRAMP”) announced a major overhaul of the program, which is being called “FedRAMP 20x.” The FedRAMP 20x announcement stated there are no immediate...more

Accelerynt, Inc.

How Over-engineered Security Stacks Are Killing Agility—And What to Do About It

Accelerynt, Inc. on

Tool sprawl is paralyzing enterprise security teams. Learn how to shift from fragile, over-engineered stacks to agile security architectures that accelerate progress....more

Wiley Rein LLP

DOD Mandates Use of Software Acquisition Pathway for Software Development Procurements

Wiley Rein LLP on

WHAT: Department of Defense (DOD) Secretary Pete Hegseth issued a memorandum titled “Directing Modern Software Acquisition to Maximize Lethality” that is intended to reform DOD’s procurement involving software development....more

Robinson+Cole Data Privacy + Security Insider

Privacy Tip #434 – Use of GenAI Tools Escaping Corporate Policies

Robinson+Cole Data Privacy + Security Insider on

According to a new LayerX report, most users are logging into GenAI tools through personal accounts that are not supported or tracked by an organization’s single sign on policy. These logins to AI SaaS applications are...more

Robinson+Cole Data Privacy + Security Insider

Joint Cybersecurity Advisory Released on Ghost (Cring) Ransomware

Robinson+Cole Data Privacy + Security Insider on

The Cybersecurity & Infrastructure Security Agency, the Federal Bureau of Investigation, and the Multi-State Information Sharing and Analysis Center released an advisory on February 19, 2025, providing information on Ghost...more

Goodwin

EU Updates its Product Liability Regime: Important Considerations for Providers of AI Systems and Software

Goodwin on

The European Union has significantly overhauled its product liability regime with a new directive concerning liability for defective products (Product Liability Directive). EU member states have until December 9, 2026, to...more

Warner Norcross + Judd

Lessons from CES 2025: The Legal Side of Product Innovation — What Every Manufacturer and Supplier Needs to Know

Warner Norcross + Judd on

The 2025 Consumer Electronics Show (CES) — one of the world’s most influential tech events — once again showcased groundbreaking innovations that are shaping the future of technology. I was among the over 141,000 attendees of...more

Miller Nash LLP

Enterprise Liability Insurer Has Duty to Defend Against a Vendor’s Claim, Even When Presented as an Invoice for “Usage Fees”

Miller Nash LLP on

In a win for policyholders, a federal court in Washington recently held that an insurer had a duty to defend a technology company against a vendor’s demand for damages it allegedly suffered when hackers accessed software...more

MoFo Life Sciences

FDA Draft Guidance on Artificial Intelligence-Enabled Device Software Functions

MoFo Life Sciences on

This post is part of MoFo’s 2025 Intersection of AI and Life Sciences blog series. In this blog series, we explore how artificial intelligence is revolutionizing research, innovation, and patient care in the life sciences....more

Hogan Lovells

Security Snippets: CISA publishes sector-specific cyber performance goals for IT and product design

Hogan Lovells on

The Cybersecurity and Infrastructure Security Agency (CISA) unveiled new cyber performance goals aimed at addressing risks to software development and product design in the IT sector. Last week, the Cybersecurity and...more

Morrison & Foerster LLP - Government...

Biden’s Final Cybersecurity Order Proposes Significant Changes, All to Be Implemented by the Incoming Administration

Morrison & Foerster LLP - Government... on

Citing the threats posed by foreign adversaries and criminal organizations, and seeking enhanced accountability for companies that provide software and cloud services to the federal government, the Biden administration has...more

McCarter & English Blog: Government Contracts...

They Did It. They Really Did It! The Arrival of the FAR CUI Proposed Rule

McCarter & English Blog: Government Contracts... on

After years of anticipation, the Federal Acquisition Regulation (FAR) Council has announced the arrival of its proposed rule to enhance the safeguarding of Controlled Unclassified Information (CUI) in federal contracts (the...more

DLA Piper

FDA Issues Artificial Intelligence-Enabled Device Software Functions Draft Guidance

DLA Piper on

The US Food and Drug Administration (FDA) recently issued its draft guidance, Artificial Intelligence-Enabled Device Software Functions: Lifecycle Management and Marketing Submission Recommendations on January 7, 2025....more

73 Results
 / 
View per page
Page: of 3
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide