Lawyers Beware: There Could Be Serious Ethics Issues With The New AI Browsers
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 243: HIPAA Compliance and Potential Changes with Shannon Lipham of Maynard Nexsen
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
10 For 10: Top Compliance Stories For the Week Ending July 19, 2025
SkadBytes Podcast | Tech’s Shifting Landscape: Five Trends Shaping the Conversation
Hospice Insights Podcast - AI in Action: Exploring How AI Is Helping Hospices Do Things in New Ways
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
#Risk New York Speaker Series – Exploring Future Regulatory Trends and Compliance Strategies with Rory McGrath
Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
#Risk New York Speaker Series – Inside Behavioral Insights: Tom Hardin on Compliance at #RiskNYC
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Rethinking Records Retention
#Risk New York Speaker Series: The Future of AI Governance in GRC with Matt Kelly
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Litigation against banks and other financial services firms is always evolving. This mid-year 2025 update discusses trends from recent case filings and decisions and highlights the importance of awareness of new legal...more
Join Tom Fox and hundreds of other GRC professionals in the city that never sleeps, New York City, on July 9 & 10 for one of the top conferences around, #Risk New York. The current US landscape, shaped by evolving policies,...more
Earlier this year, North Dakota’s Governor signed HB 1127, which introduces new compliance obligations for financial corporations operating in North Dakota. This new law will take effect on August 1, 2025....more
The SEC’s amended Regulation S-P, adopted last year, will soon enhance data privacy protections for broker-dealers, investment companies, registered investment advisors, and transfer agents. The updated rule requires these...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. State Action: North Dakota Passes Law...more
Welcome to “SERC’ling Up,” your resource for staying ahead in today’s fast-evolving financial landscape. This newsletter delivers perspectives on the latest enforcement trends, regulatory updates and high-stakes developments...more
On May 19, the GAO published a report discussing the use and oversight of AI in financial services. The report highlighted the benefits of AI, such as improved efficiency, reduced costs, and enhanced customer experience,...more
The Cross Market Operational Resilience Group's (CMORG) AI Taskforce has released its AI Baseline Guidance Review (dated January 2025), accompanied by a press release. The CMORG AI Taskforce conducted a baseline review of...more
On April 22, 2025, Laura D’Allaird, Chief of the SEC’s Cyber and Emerging Technologies Unit (CETU), participated in the Incident Response Forum Masterclass 2025 (Incident Response Masterclass). In the session, titled “SEC...more
On April 23, 2025, Quebec’s Regulation respecting the management and reporting of information security incidents by certain financial institutions and by credit assessment agents (Regulation) will come into force. Issued by...more
As companies shift their thinking from “if” a cyberattack will happen to “when” an attack hits, the key differentiator in how a company emerges from an attack is often dictated by preparation and strategic planning in order...more
Members of the health care and financial industries, along with other industries that hold sensitive data, are warned that a ChatGPT vulnerability is being actively exploited by threat actors to attack security flaws in AI...more
Businesses that are subject to the NYDFS Cybersecurity Regulations have four weeks left to submit their annual notices of compliance or acknowledge their noncompliance. When the regulations were amended in 2023, several of...more
On 13 February 2025, the Australian Federal Parliament passed the Scams Prevention Bill 2025 (Cth) ("Bill"), the first of its kind worldwide....more
Financial firms doing business in New York should be mindful of a recent e-blast sent by the state’s financial regulator concerning cybersecurity requirements that become effective in less than two months. The New York...more
Keypoint: New York has amended its data breach notification law twice in the last 60 days to (1) add a 30-day deadline for notifying affected residents, (2) clarify that covered financial entities must still notify the New...more
On February 7, the union representing CFPB employees published a notice expressing concerns regarding the recent addition of certain DOGE employees to the CFPB’s email directory and their presence in offices. ...more
On February 4, the California DFPI announced a consent order issued against a credit union (respondent) following a significant cybersecurity breach. This breach, a ransomware attack, allegedly led to the shutdown of various...more
Financial Information Service Order – Postponement Order Due to requests from licensed credit providers and licensed operators of credit brokerage system, who are deemed as information sources pursuant to the Financial...more
On May 16, 2024, the SEC adopted amendments to Regulation S-P requiring broker-dealers, registered investment companies, registered investment advisers, funding portals, and transfer agents (collectively, “covered...more
Trying to plot the course for a data security plan in 2025 requires piecing together the maps of various cartographers and decoding each map’s legends and keys....more
The 2024 CrowdStrike outage and the ransomware attack on NHS partner Synnovis hit mainstream news and highlighted the fragility of ICT supply chains and the risks posed by cyber incidents....more
European regulators recently published clarifications on the scope of ICT services under the EU Digital Operational Resilience Act (DORA), prepared by the European Commission, which confirms previous guidance and enables...more
The FBI's Internet Crime Complaint Center (IC3) report sheds light on the growing threat of cybercrime, both nationally and within North Carolina. The state ranks among the top 15 in the U.S. for cybercrime complaints,...more
Following our recent client alert, learn more about PCI DSS 4.0 coming into effect and its impact on organizations in 2025. Mark Schreiber, Brian Long, and Sam Genovese share further insights from working with clients on...more