Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
On April 8, 2025, the UK government published the Cyber Code of Practice (the “Code”) to support board directors in governing cybersecurity risks. The Code is available online. The UK’s data protection regulator is actively...more
On March 23, 2025, 23andMe, a pioneer in the field of genetic testing and consumer healthcare, announced it had filed for Chapter 11 bankruptcy in the U.S. Bankruptcy Court for the Eastern District of Missouri. The objective...more
If you hang out with CISOs like I do, shadow IT has always been a difficult problem. Shadow IT refers to refers to “information technology (IT) systems deployed by departments other than the central IT department, to bypass...more
In today’s hyperconnected world, cyberattacks are no longer a question of if but when. For general counsels (GCs), the responsibility extends far beyond legal risk management - it’s about guiding the organization through the...more
Cyberattacks are affecting every company and sector. Meanwhile, the regulatory landscape is intensifying as the SEC continues to enforce the cyber-risk management disclosure rules. Every day presents a new compliance and...more
Welcome to our eighth 2024 issue of Decoded - our technology law insights e-newsletter. Thank you for reading. EU AI Act Tightens Grip on High-Risk AI Systems: Five Critical Questions for U.S. Companies - Why this is...more
RegFi co-hosts Jerry Buckley and Sherry Safchuk welcome Orrick partner Aravind Swaminathan for a conversation exploring the critical and evolving role of the Chief Information Security Officer in today’s corporate landscape.....more
On October 30, 2023, the SEC filed a litigated complaint against SolarWinds, a software development company, and Timothy Brown, its chief information security officer (CISO). The SEC alleges that from October 2018, when...more
The Securities and Exchange Commission (“SEC”) adopted new rules requiring the disclosure of cybersecurity risk management, strategy, governance and material incidents (the “Rules”), effective September 5, 2023. The Rules...more
Clearly defined roles and responsibilities are an essential component of an effective compliance program. Failure to adequately assign responsibility can lead to gaps in compliance coverage and a lack of accountability. ...more
As cyber threats have evolved and expanded, cybersecurity has emerged as a threat to organizations across sectors, and there is more urgency than ever for companies to remain vigilant and prepared. Cybersecurity incidents can...more
On Monday the Federal Trade Commission issued a press release stating it is settling a case against Drizly and its CEO for a data breach that exposed the information of 2.5 million consumers in July 2020. The proposed...more
The crucial question that a company and its board will face if it suffers a cyber security breach is: "Had you taken reasonable steps to try to prevent a breach, and to prepare to handle any breach that occurred?" If the...more
Ken Mendelson welcomes back Andy Cottrell, the founder and CEO of cybersecurity consulting firm Truvantis to talk more about cybersecurity frameworks. They discuss the difference between a cyber audit and cyber assessment and...more
Cyber attacks continue to be one of the most concerning risks to businesses. COVID-19 is only exacerbating those risks. Add to that the D&O litigation that happens after a cyber event, and you have a recipe for disaster for...more
Takeaways - Boards need to take an active role overseeing cybersecurity measures. - Directors may be held personally responsible for lapses that result in attacks. - U.S. money laundering and sanctions rules may prohibit...more
Cybersecurity and Privacy - Despite cries from corporations and privacy advocates across America for a unified federal privacy law, the nation’s toughest privacy law—the California Consumer Privacy Act (CCPA)—went into...more
At the end of January, the U.S. Securities and Exchange’s Office of Compliance Inspections and Examinations (OCIE) released its “Observations on Cybersecurity and Resiliency Practices” (Observations)....more
This guide has been compiled to give an overview of the rudimentary legal aspects that should be considered by anyone thinking of establishing a business in the UK. It is aimed at businesses that may already be established in...more
IMPACT OF EQUIFAX, FACEBOOK SETTLEMENTS - Health care industry boards should give close attention to the governance implications of recent privacy settlements entered into by Equifax and Facebook. Their unique facts...more
Every company should expect that at some point it will experience a data breach. Whether as a result of hackers, disgruntled employees, or careless acts such as losing an unencrypted phone or laptop, data breaches may subject...more
In this episode, the third of three building on Akin Gump’s annual Top 10 Topics for Directors report, partner Michelle Reed discusses the critical question of cybersecurity and the corporate world. Among the topics covered: ...more
In this episode, I visit with Jonathan Armstrong on the recent UK court of appeals decision in the Morrisons’ case. This decision stretched the limits of vicarious liability for a corporation to the absolute breaking point...more
In a recent speech, SEC Commissioner Kara Stein commented on the importance of cybersecurity. The Commissioner noted that encouraging adoption of written policies and procedures, voluntary frameworks and non-binding guidance...more
EXECUTIVE SUMMARY - 1. Cybersecurity threats. Cybersecurity preparedness is essential in 2018 as the risk of, and associated adverse impact of, breaches continue to rise. The past year redefined the upward bounds of the...more