AI Today in 5: August 7, 2025. The US v. China Episode
Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Podcast - Third-Party Assessments and NIST SP 800-171
Third-Party Assessments and NIST SP 800-171
[Podcast] AI Risk Management: A Discussion with NIST’s Elham Tabassi on the NIST AI Risk Management Framework
Compliance into the Weeds - ChatGPT for the Compliance Professional
Nota Bene Episode 150: Building an AI Risk Management Framework with Siraj Husain
DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Cybersecurity and Data Privacy Year in Review: Major Breaches, Changes in the Law, and Upcoming Trends
The Government Contracts Cyber Café: Recent Developments Update
How to Respond to President Obama's Cybersecurity Executive Order
A recent breach involving Indian fintech company Kirana Pro serves as a reminder to organizations worldwide: even the most sophisticated cybersecurity technology cannot make up for poor administrative data security hygiene....more
On April 14, 2025, the National Institute of Standards and Technology (NIST) released a draft update to the NIST Privacy Framework 1.1. The updates are meant to enhance organizations’ data governance and risk management and...more
The first year of a new significant regulatory obligation is often more notable for the absence of regulatory enforcement actions as regulators often observe compliance efforts and challenges, offer guidance, and look for...more
At the Practising Law Institute’s 56th Annual Institute on Securities Regulation, panelists discussed how public companies are addressing cybersecurity and artificial intelligence (AI) related issues....more
As AI systems become more complex, companies are increasingly exposed to reputational, financial and legal risks from developing and deploying AI systems that do not function as intended or that yield problematic outcomes....more
Cybersecurity compliance, governance, and disclosure practices have evolved significantly over the past decade. As we have noted in prior blog posts, the U.S. Securities and Exchange Commission is requiring cybersecurity...more
This memorandum outlines considerations for foreign private issuers ("FPIs") in preparation for the 2019 annual reporting season. Part I (pg. 2) provides a summary of certain key trends and insights from the 2018 US proxy...more
Cybersecurity is “hot” and will stay “hot” for corporations, executives, regulators, law enforcement and legislators. Rarely is there a corporate compliance discussion in 2017 where cyber isn’t “the” topic or a material part...more
Editor's Note - OCC to Move Forward with Federal FinTech Charter. In a development foreshadowed in the April 6, June 29 and September 14 editions of the Roundup, on December 2, the Office of the Comptroller of the...more
A continuing frequent question from public companies is how a board should be constituted to oversee cybersecurity. Many public companies foist this additional burden on the audit committee. Those large enough to have a...more
It has taken a while for companies to realize the value of digital assets, and it is also taking a while for companies to digest the significance of digital risks. In the digital economy, virtually all aspects of business...more
The Federal Financial Institutions Examination Council (FFIEC) released a Cybersecurity Assessment Tool (CAT) on June 30, 2015, to assist organizations in identifying cyber risks and assessing their cybersecurity...more
With the rash of significant data security incidents that occurred in 2013 and have continued to this day, it is increasingly important for companies to have an updated cybersecurity preparedness plan. The World Economic...more
One June 10th SEC Commissioner Luis Aguilar made a speech before the New York Stock Exchange, and he took the opportunity to discuss good corporate governance as it relates to cybersecurity and boards of directors....more
While attending the "Cyber Risks and the Boardroom" Conference at the New York Stock Exchange on Tuesday, June 10, 2014, U.S. Securities and Exchange Commissioner Luis Aguilar called on corporate boards to make sure they are...more