Moving Beyond the Usual Helpline Data
Episode 381 -- NAVEX's 2025 Annual Hotline Report
CSC Guidance Unveiled: NIL Enforcement and Implications for Collectives — Highway to NIL Podcast
Daily Compliance News: July 22, 2025, The I-9 Hell Edition
New Virginia "Workplace Violence" Definition and Healthcare Reporting Law: What's the Tea in L&E?
What the One Big Beautiful Bill Act Means for Employers - #WorkforceWednesday® - Employment Law This Week®
Understanding the New Overtime Tax Policies in the Big Beautiful Bill
When DEI Meets the FCA: What Employers Need to Know About the DOJ’s Civil Rights Fraud Initiative
(Podcast) California Employment News: Creating the Report for a Workplace Investigation – Part 4 (Featured)
California Employment News: Creating the Report for a Workplace Investigation – Part 4 (Featured)
Podcast - Navigating the Updated SF-328 Form
Five Tips for a New Public Company Director
Compliance Tip of the Day: Internal Control Deficiencies
Daily Compliance News: July 7, 2025 the Disaster on the River Edition
First 100 Days of the New HSR Rules with Antitrust Partner Kara Kuritz
Hospice Insights Podcast - Election Inspection: Be Proactive to Avoid Costly Election Statement Denials
Compliance Tip of the Day: What is a Gap Analysis
Compliance into the Weeds: Autonomous AI Whistleblowing Misconduct
REFRESH Nonprofit Basics: Federal Tax Filing Deadlines and Penalties
(Podcast) California Employment News: Back to the Basics of Employee Pay Days
The One Big Beautiful Bill Act (“OBBBA”) (Publ. Law 119-21), enacted in July 2025, is a sweeping piece of legislation that addresses many issues. Among them, it allocates $1 billion over four years to boost U.S. offensive...more
Key point: The US Coast Guard’s new cybersecurity rule will transform the security standards and reporting requirements for vessels and marine facilities nationwide over the next three years. On July 16, 2025, the US Coast...more
While the Command’s authority applies only to governmental bodies, its creation signals a shift in how the state organizes its cybersecurity posture. This new law may have practical implications for vendors, contractors and...more
Cyber regulations are crucial for the protection of individuals and businesses and aid in risk minimization; failure to comply with these regulations can result in severe consequences such as financial penalties, legal...more
Citing “escalating global conflict,” the New York Department of Financial Services issued an alert on Monday, June 22, 2025, to its regulated covered entities, urging them to be vigilant against potential security threats,...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. State Action: North Dakota Passes Law...more
Australia has implemented a first-of-its kind requirement for eligible businesses to report ransomware payments. From 30 May 2025, eligible businesses that make a payment in response to a cyber security incident, or become...more
On May 30, the ransomware payment reporting requirements of Australia’s Cyber Security Act 2024 (CSA) took effect. The new requirement applies to a broad range of entities and cyber security incidents, requiring reporting...more
On April 8, the OCC announced it had notified Congress of a major information security incident, as required by the Federal Information Security Modernization Act. The incident involved unauthorized access to emails and their...more
On April 8, the Office of the Comptroller of the Currency (OCC) officially notified Congress of a significant information security incident involving its email system. This notification, mandated by the Federal Information...more
On 14 January 2025, the UK Home Office published a consultation paper focusing on legislative proposals to reduce payments to cyber criminals and increasing incident reporting. ...more
After a data breach, organizations need to understand the scope of the incident in order to quickly resolve it and ensure they are able to meet notification requirements. The urgency often leads to the misguided belief that...more
In late June, the staff of the U.S. Securities and Exchange Commission’s Division of Corporation Finance released five new compliance and disclosure interpretations regarding the disclosure of material cybersecurity incidents...more
The U.S. Securities and Exchange Commission's ("SEC") Division of Enforcement has recently brought a spate of enforcement actions relating to key topics for public companies. These include enforcement actions related to...more
Editor’s Note: This webcast brings together some of HaystackID’s top experts to dissect the intricacies of Business Email Compromise (BEC) attacks—a rapidly growing threat impacting organizations globally. During the...more
The U.S. Securities and Exchange Commission (SEC) Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure rules officially went into effect in December 2023. Aimed at improving cybersecurity risk...more
The HHS Centers for Medicare & Medicaid Services (CMS) and Wisconsin Physicians Service Insurance Corporation (WPS) are notifying 946,801 people whose protected health information or other personally identifiable information...more
Cyber regulation is changing in Australia. As governments globally grapple with the everchanging and increasingly challenging cyber landscape, Australia is poised to implement new laws and update existing regulation in order...more
I work for a public company that recently experienced a ransomware attack. Fortunately, we were able to restore our business operations quickly by obtaining a decryption key from the threat actor. Given that we managed to get...more
Cyberattacks powered by artificial intelligence have become more sophisticated as bad actors utilize machine learning to analyze vulnerabilities, automate exploits, and outpace traditional security measures. Through the use...more
Section 13(b)(2)(B) of the Securities Exchange Act of 1934 requires public companies to “devise and maintain a system of internal accounting controls.” In a recent opinion, a New York federal court rejected the Securities...more
The U.S. District Court for the Southern District of New York has dismissed many of the Securities and Exchange Commission’s (SEC’s) claims against software development company SolarWinds and its chief information security...more
As discussed in our previous blog post, the Cybersecurity and Infrastructure Security Agency (CISA) is proposing a significant new rule to bolster the nation’s cyber defenses through mandatory incident reporting. While...more
On June 24, 2024, the Division of Corporation Finance (“Corp Fin”) of the Securities and Exchange Commission (“SEC”) issued five new Compliance and Disclosure Interpretations (“C&DIs”) related to the disclosure of “material”...more
In this June Order, SEC Enforcement brought settled charges against R.R. Donnelley & Sons, a “global provider of business communications services and marketing solutions,” for control failures: more specifically, a failure to...more