What to Do When Leadership Doesn’t Take Compliance Seriously
Workplace Sexual Assault and Third-Party Risk: What’s the Tea in L&E?
Creativity and Compliance: Reinventing Compliance with Creativity: The Acteon I-Care Code
From Forest to Fortune: Navigating Workplace Ethics With Robin Hood — Hiring to Firing Podcast
Innovation in Compliance: Mastering Communication: Insights from Dr. Dennis Cummins on Speaking and Selling without Selling
Great Woman in Compliance: The Power of Vulnerability with Cricket Snyder
Innovation in Compliance: The Power of Accountability and Team Culture with Gina Cotner
2 Gurus Talk Compliance: Episode 55 – The From Worse to Worser Edition
Compliance Tip of the Day: COSO Governance Framework: Part 4, Culture
Tips for Conducting a Trade Secret Assessment with Rob Jensen
New Virginia "Workplace Violence" Definition and Healthcare Reporting Law: What's the Tea in L&E?
Work This Way: An Employment Law Video Podcast | Episode 51: Smarter Recruiting Strategies with Rhiannon Poore of Forge Search
Daily Compliance News: July 8, 2025, The Learning on the Job Edition
Summer Strategies for Work Success
Work this Way: An Employment Law Video Podcast | Episode 49: Building Culture by Investing in People with Silvia King of Southern First Bank
Performance Reviews: Lessons from Severance — Hiring to Firing Podcast
Coffee Badging: Mastering the Art of Office Presence — Hiring to Firing Podcast
Creativity and Compliance: Nourish Your Audience: A New Approach to Compliance Training
Work This Way: A Labor & Employment Law Podcast | Episode 47: Coaching Leaders & Building Culture with Robyn Knox of The HR Business Connect
Sunday Book Review: May 18, 2025, The Books on Engaged Training Edition
I didn’t plan on working in cybersecurity. My path wasn’t exactly traditional, but every job I had taught me how systems break—technical or operational, it didn’t matter. ...more
Last month, Paul Hastings sponsored the Cybersecurity Law Workshop at the Spring Privacy & Security Forum held at George Washington University in Washington, D.C. The Cybersecurity Law Workshop featured three panels of...more
Cyber incidents are an ever-present threat to organisations of all sizes. While many companies have documented Cyber Incident Response (CIR) plans, they often fall short when it comes to real-world application. Below, we will...more
As part of Data Privacy Awareness Week, Ward and Smith is spotlighting the most common types of data breaches that businesses encounter. In Part 1, we explored the industries most vulnerable to cyberattacks, highlighting the...more
As 2025 approaches, compliance and risk management professionals must stay vigilant amidst escalating workplace challenges. Among the Top 10 Trends in Risk and Compliance for the upcoming year, two critical issues – rising...more
They appeared. They caused a fright. And then they disappeared… along with all of your data. While not a ghost, that is how most hacking groups operate and their ghostly presence is growing across the globe....more
You might have yet to hear of the NIS2 Directive, but you should be aware of it if you’re in any sector that relies on digital infrastructure. Whether you’re a business owner, IT professional, or curious about how the EU...more
It’s not enough to have the right policies in place — you have to embed those policies into the fabric of your organization. In today’s fast-paced and interconnected business world, ensuring compliance and building an...more
On July 2, 2024, the Occupational Safety and Health Administration (OSHA) took significant steps to address the risk of heat exposure in the workplace, particularly in the construction industry. This initiative is driven by...more
Rarely a day goes by without at least one report of workplace misconduct hitting the headlines globally. In a post-#MeToo era, there is an ever-increasing focus from society on how organizations respond to and deal with...more
Typically, we beat the drum of the need to prepare for a data incident—anything from a full-blown ransomware attack to an employee accidently sharing data with the wrong person—by having your Incident Response Plan developed...more
The annual Cost of a Data Breach Report (Report) published by IBM is reliably full of helpful cybersecurity data. This year is no different. After reviewing the Report, we pulled out some interesting data points. Of course,...more
In today’s connected world, businesses face constant pressure to improve their cybersecurity practices and to confirm that they are meeting industry standards. To continue helping businesses achieve those goals, the SEC...more
On January 27, 2020, the SEC’s Office of Compliance Inspections and Examinations (OCIE) announced its most recent Cybersecurity and Resiliency Observations. This report highlights specific practices that have been, and can be...more
Data security and privacy concerns have become one of the top issues keeping business leaders up at night. According to the Ponemon Institute’s 2018 study regarding the cost of data breaches, data breaches are increasingly...more
In this day in age where a vast amount of information is stored electronically and you can buy almost anything with a “1-click” purchase, it comes as no surprise that cyber incidents are on the rise, especially among...more
Due to the dramatic increase and changing nature of cyber risks, mergers and acquisitions due diligence should expand to address cyber risks, available risk mitigation practices, and available insurance. Acquiring companies...more
One collection of terms I hear a lot is “tools, processes and people.” All three need to be successfully deployed to make a compliance program run properly while also creating an organizational culture that supports...more
We are thrilled to bring you the third installment of Stinson Leonard Street's Emerging Trends newsletter. We are proud of the depth and breadth of experience and knowledge across our firm's 13 offices nationwide and are...more
On September 13, 2016, the New York State Department of Financial Services (DFS) proposed new rules that would require certain “Covered Entities” to establish and implement cybersecurity programs designed to protect nonpublic...more