Top challenges with Compliance Management
Solicitors General Insights: The Tale of Two Washingtons — Regulatory Oversight Podcast
The Capital Ratio Podcast | Entering the US Banking Market
Compliance Tip of the Day: COSO Objective 3 – Control Activities
Solicitors General Insights: The Legal Frontlines in Iowa and Indiana — Regulatory Oversight Podcast
Cannabis Law Now Podcast - Cannabis in the Show Me State: An Interview with BeLeaf Medical's Mitch Meyers
2 Gurus Talk Compliance – Episode 54 – The FCPA is Back On Edition
Compliance Tip of the Day: Board Oversight on Internal Controls
Healthcare Enterprise Risk Management
Understanding MALPB Charters: A Collaborative Approach to Banking Innovation — Payments Pros – The Payments Law Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
The fatal flaws in the 2023 CRA rule
Evolving AI Legislation: Federal Policies, Task Forces, and Proposed Laws — The Good Bot Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
From Cell Phones to Tractors: The Right to Repair Movement Drives On — Regulatory Oversight Podcast
AI Legislation: The Statewide Spotlight - Regulatory Oversight Podcast
AI Legislation: The Statewide Spotlight — The Consumer Finance Podcast
Solicitors General Insights: A Deep Dive With Mississippi and Tennessee Solicitors General — Regulatory Oversight Podcast
Leadership and Innovation at the Illinois AG's Office — Regulatory Oversight Podcast
Navigating the Future of Payment Stablecoins: Legislative Updates and Market Implications — Payments Pros – The Payments Law Podcast
On March 7, 2025, the Department of Homeland Security (“DHS,” “the agency”) disbanded the Critical Infrastructure Partnership Advisory Council (“CIPAC,” “the Council”), originally established in 2006 to facilitate...more
On February 21, 2025, Dubai-based Bybit, one of the world’s leading cryptocurrency exchanges, suffered a massive security breach, resulting in the loss of approximately $1.5 billion in Ethereum (ETH). The incident, which is...more
On January 28, 2025, FINRA issued its 2025 Annual Regulatory Oversight Report, providing a detailed look into FINRA’s current regulatory oversight of member firms and their registered personnel....more
United Healthcare Group (UHG) CEO Andrew Witty was in a board meeting on Feb. 21 when officials interrupted with the news that Change Healthcare—a clearinghouse UHG subsidiary Optum had purchased for $1.3 billion in October...more
Selected U.S. Privacy and Cyber Updates - NYDFS Releases Circular Letter on Use of AI in Insurance Underwriting and Pricing - On January 17, 2024, the New York State Department of Financial Services (NYDFS) issued a proposed...more
With a couple of “firsts,” the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is signaling that it is cracking down on healthcare organizations that fail to identify and address cybersecurity...more
The Most Significant Developments in Cybersecurity and Cyber-Related Liability Risks - As we reflect upon 2023, it will unfortunately be remembered as a record-breaking year for ransomware and cybercrime....more
In the burgeoning realm of data incidents, it is a truism that such incidents are not created equal. Indeed, a data incident is not necessarily a data breach. Originally published in Reuters -August 24, 2023...more
The term “metaverse” first appeared in 1992 as an abstract concept in Neal Stephenson’s dystopian novel Snow Crash. Two decades later, the Metaverse has since evolved from a mere idea to a figment of everyday reality, as it...more
Ransomware has become the fastest growing type of cybercrime facing businesses today. In 2021, loss values were estimated to have reached at least 57 times those in 2015, exceeding $20 billion. Data and privacy issues are so...more
Colonial Pipeline shut down 5,500 miles of its East Coast pipeline on May 7, 2021, in an effort to contain a security breach resulting from a ransomware attack. Colonial’s pipeline is one of the nation’s largest and carries...more
Malware goes commercial. Last year, Jeff Bezos’ phone was hacked after he received a message on WhatsApp containing a line of malware code. The incident has shed light on the malware, aka spyware, industry. Companies sell...more
Last Thursday, Governor Andrew M. Cuomo signed the Stop Hacks and Improve Electronic Data Security (“SHIELD”) Act, which amends New York’s current data breach notification law and places increased obligations on businesses...more
A year ago, on May 25, 2018, the European Union’s General Data Protection Regulation (GDPR) came into force. With its extraterritorial scope and detailed requirements, the GDPR aimed to change the approach to personal data...more
To illustrate just how creative phishing campaigns have become, on January 30, 2019, it was reported by multiple credit unions that Bank Secrecy Act officers at credit unions around the country received emails that appeared...more
Google Receives Record GDPR Fine - Marking the first major penalty against a U.S. tech company under the General Data Protection Regulation (GDPR), the French data-protection authority, CNIL, has fined Google a record $57...more
As we turn the page on 2018, let’s reflect on some of the key privacy and cybersecurity issues that will continue to occupy our hearts and minds in 2019....more
On September 28, Governor Jerry Brown approved California Senate Bill 327, making California the first state in the country to regulate the security of Internet of Things (IoT) devices. ...more
On April 18, 2018, the Government of Canada published the final regulations relating to mandatory reporting of privacy breaches under Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”). ...more
JONES DAY CYBERSECURITY, PRIVACY & DATA PROTECTION ATTORNEY SPOTLIGHT: Richard Martinez - Europe's new General Data Protection Regulation ("GDPR") is driving an evolution in corporate privacy practices globally. As...more
Cyber attacks continue to be a pervasive and destructive threat to all institutions and the legal and regulatory landscape currently in place to address those threats continues be reshaped in an effort to address those...more
• The U.S. Securities and Exchange Commission (SEC) released, on Feb. 21, 2018, updated guidance regarding public company cybersecurity disclosures. The guidance updates the Commission's 2011 non-binding guidance and...more
IVASS has just published a letter to the market addressed to Italian and EU insurance intermediaries and undertakings addressing the level of awareness of traditional intermediaries about the risks involved in the use of new...more
New York State regulators won’t be letting Equifax, Inc. off-the-hook any time soon for last year’s massive data breach that affected more than 145 million Americans....more
In this month's edition of our Privacy & Cybersecurity Update, we discuss the Article 29 Data Protection Working Party's critique of the Privacy Shield and the Sixth Circuit's decision to consider the issue of computer fraud...more