Moving Beyond the Usual Helpline Data
Episode 381 -- NAVEX's 2025 Annual Hotline Report
CSC Guidance Unveiled: NIL Enforcement and Implications for Collectives — Highway to NIL Podcast
Daily Compliance News: July 22, 2025, The I-9 Hell Edition
New Virginia "Workplace Violence" Definition and Healthcare Reporting Law: What's the Tea in L&E?
What the One Big Beautiful Bill Act Means for Employers - #WorkforceWednesday® - Employment Law This Week®
Understanding the New Overtime Tax Policies in the Big Beautiful Bill
When DEI Meets the FCA: What Employers Need to Know About the DOJ’s Civil Rights Fraud Initiative
(Podcast) California Employment News: Creating the Report for a Workplace Investigation – Part 4 (Featured)
California Employment News: Creating the Report for a Workplace Investigation – Part 4 (Featured)
Podcast - Navigating the Updated SF-328 Form
Five Tips for a New Public Company Director
Compliance Tip of the Day: Internal Control Deficiencies
Daily Compliance News: July 7, 2025 the Disaster on the River Edition
First 100 Days of the New HSR Rules with Antitrust Partner Kara Kuritz
Hospice Insights Podcast - Election Inspection: Be Proactive to Avoid Costly Election Statement Denials
Compliance Tip of the Day: What is a Gap Analysis
Compliance into the Weeds: Autonomous AI Whistleblowing Misconduct
REFRESH Nonprofit Basics: Federal Tax Filing Deadlines and Penalties
(Podcast) California Employment News: Back to the Basics of Employee Pay Days
The Committee on Foreign Investment in the United States (CFIUS) recently published its 2024 Annual Report. Filing volume for both declarations and notices remains lower compared to their peaks in 2021 and 2022, respectively....more
On August 6, the Committee on Foreign Investment in the U.S. (CFIUS) released the unclassified version of its Annual Report to Congress for Calendar Year (CY) 2024 (Report), depicting trends in the number of filings through...more
- What is new: On 26 June 2025, the EU Agency for Cybersecurity (ENISA) published guidance documents setting out security measures that regulated organisations should have in place to comply with the EU’s critical...more
On 22 July 2025, the UK Cabinet Office announced a package of proposed reforms to the National Security and Investment Act (NSIA) 2021 aimed at streamlining the regime and easing the burden facing businesses who trigger NSIA...more
On May 27, the Federal Communications Commission (FCC) opened two rulemaking proceedings aimed at foreign involvement in U.S. communications networks, particularly by countries identified as foreign adversaries, such as China...more
The California Air Resources Board (CARB), the agency tasked with enforcing the state’s climate disclosure rules, published guidance this Wednesday on how companies can comply with Senate Bills 253 and 261 (which govern...more
While the Command’s authority applies only to governmental bodies, its creation signals a shift in how the state organizes its cybersecurity posture. This new law may have practical implications for vendors, contractors and...more
Recent months have seen a spate of high-profile cyber incidents that have affected UK companies and disrupted supply chains, keeping cybersecurity on the front pages and at the top of UK companies’ agendas. In response to the...more
On May 30, the ransomware payment reporting requirements of Australia’s Cyber Security Act 2024 (CSA) took effect. The new requirement applies to a broad range of entities and cyber security incidents, requiring reporting...more
Since its announcement during the King’s Speech on 17 July 2024, there has been much anticipation over the contents of the Cyber Security and Resilience Bill (“CS&R Bill“) and in particular the extent to which it will bring...more
The infrastructure measures in the Planning and Infrastructure Bill introduce amendments, principally to the Planning Act 2008, that aim to make the NSIP regime faster and more flexible to support the Government’s major...more
On November 7, 2024, the Transportation Security Administration (the “TSA”) published a Notice of Proposed Rulemaking (the “Proposed Rule”) that would mandate cyber risk management (“CRM”) and reporting requirements for...more
On January 14, the UK government published a consultation on new measures to tackle the increasing threat of ransomware attacks. Ransomware is malicious software (malware) that infects a victim’s computer system and prevents...more
On 14 January 2025, the UK Home Office published a consultation paper focusing on legislative proposals to reduce payments to cyber criminals and increasing incident reporting. ...more
U.S. investors interested in investing in advanced Chinese technology companies may now be constrained by the U.S. Government’s first-ever outbound investment rule (Final Rule) which took effect on Jan. 2, 2025. The Final...more
To kick off the New Year (and as is now tradition, since we put out a similar Recap & Forecast last year), Sheppard Mullin’s Governmental Practice Cybersecurity & Data Protection Team has prepared a cybersecurity-focused 2024...more
Deux études particulièrement intéressantes ont récemment été publiées par l’Agence Française Anticorruption (l’AFA) et la Commission européenne dans le domaine de la lutte contre la corruption. La première étude publié...more
As cybersecurity rules proliferate, companies must navigate a maze of new, and often overlapping, proactive and reactive cybersecurity requirements and guidance. This Legal Update surveys new cybersecurity rules and...more
It has been a busy month for cyber and privacy regulation in Australia. On the heels of the proposed amendments to the Privacy Act 1988 released just under a month ago, three further draft Bills relating to cyber security...more
The US Cybersecurity and Infrastructure Security Agency (CISA) recently published a Notice for Proposed Rulemaking intended to supplement the Cybersecurity Incident Reporting for Critical Infrastructure Act (CIRCIA). The...more
As discussed in our previous blog post, the Cybersecurity and Infrastructure Security Agency (CISA) is proposing a significant new rule to bolster the nation’s cyber defenses through mandatory incident reporting. While...more
Whether the game is football, baseball, hockey, or Indy Car racing, no team goes into their major championship matchup without training. Companies need to train as well if they intend to operate on the internet and expect to...more
A significant shift in cybersecurity compliance is on the horizon, and businesses need to prepare. Starting in 2024, organizations will face new requirements to report cybersecurity incidents and ransomware payments to the...more
Cyber incidents involving critical infrastructure pose a serious risk to the US. In March 2024, the Environmental Protection Agency and the National Security Advisor warned state governors about potential attacks on drinking...more
On April 4, 2024, the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) officially published its Notice of Proposed Rulemaking (NPRM) detailing significant new cybersecurity...more