We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
What to Do When Leadership Doesn’t Take Compliance Seriously
Nonprofit Basics: Grant Agreements—Matching Grants, IP, Recoverable Grants & More
AI Today in 5: August 13, 2025. The Beware the EU AI Act Episode
Herb Stapleton's FBI Experience Proves to be Asset to Dinsmore's Corporate Team
Workplace Sexual Assault and Third-Party Risk: What’s the Tea in L&E?
Data Driven Compliance: Understanding the ECCTA and Its Impact with Jonathan Armstrong
Moving Beyond the Usual Helpline Data
Compliance Tip of the Day: Why Engage in Pre-acquisition Due Diligence
Innovation in Compliance: Operationalizing Trust at Scale: A Conversation with Amanda Carty on Compliance and AI
AI Today in 5: August 7, 2025. The US v. China Episode
Hill Country Authors – Exploring the Challenges of a Green Transition with Tom Ortiz
Taxing Intelligence: AI's Role in Modern Tax Administration
LathamTECH in Focus: Move Fast, Stay Compliant
AI Today in 5: August 6, 2025, The Rethinking Compliance Episode
Daily Compliance News: August 6, 2025, The Spanking Banks Edition
AI Today in 5: August 5, 2025, The AI at the SEC Episode
Compliance Tip of the Day: M&A – International Issues
From Forest to Fortune: Navigating Workplace Ethics With Robin Hood — Hiring to Firing Podcast
Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
All buzzwords aside — how is your risk and compliance technology really performing? Join us for a focused virtual event where experts will share tips for simplifying processes while maturing GRC programs, aligning...more
There are a lot of benefits to implementing a team collaboration tool like Workplace from Meta. As I’ve written before, an enterprise social network can improve communication, streamline collaboration, and even improve and...more
A recent breach involving Indian fintech company Kirana Pro serves as a reminder to organizations worldwide: even the most sophisticated cybersecurity technology cannot make up for poor administrative data security hygiene....more
If you hang out with CISOs like I do, shadow IT has always been a difficult problem. Shadow IT refers to refers to “information technology (IT) systems deployed by departments other than the central IT department, to bypass...more
Let’s role-play the title “Chief Information Security Officer” (CISO) as various chess pieces, each representing different aspects of the challenges and responsibilities faced in this critical position. Examining these...more
RegFi co-hosts Jerry Buckley and Sherry Safchuk welcome Orrick partner Aravind Swaminathan for a conversation exploring the critical and evolving role of the Chief Information Security Officer in today’s corporate landscape.....more
Last month, the Director of the Division of Corporation Finance (“Director”) of the Securities and Exchange Commission (“SEC”) issued new guidance regarding disclosures of material cybersecurity incidents via Form 8-K under...more
Last week, Paul Hastings attended the Securities and Exchange Commission (SEC) Speaks 2024 event presented by the Practising Law Institute (PLI) in cooperation with the SEC on April 1 and 2. The SEC Speaks program provides...more
Amidst the relentless waves of pandemic-induced uncertainty, organizations found themselves at a crossroads, compelled to reimagine how their businesses operated. For example, when stay at home orders continued to be extended...more
In 2023, the U.S. Securities and Exchange Commission (“SEC”) issued its now-fully implemented Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure Rule. The Rule reflects the reality that cybersecurity...more
I always enjoy retrospective “year in review” postings to start off the new year. For years, I have sought to identify and capture important compliance trends, typically focused on specific professionals in the compliance...more
On October 30, 2023, the SEC filed a litigated complaint against SolarWinds, a software development company, and Timothy Brown, its chief information security officer (CISO). The SEC alleges that from October 2018, when...more
It’s safe to say that there could be a whole series dedicated to Artificial Intelligence (AI) and the various use cases and ramifications of such groundbreaking technology. While there are ethical considerations, security...more
The International Association of Privacy Professionals held its annual Global Privacy Summit on April 4-5 in Washington, D.C. Here are some things we learned. 1. Generative Artificial Intelligence (“AI”) is Ubiquitous in the...more
In January, we presented our annual top risk and compliance predictions that will impact organizations most in 2022. However, things move quickly in today’s risk world, and a mid-year check-in with Kristy Grant-Hart and...more
Integrated Risk Management (IRM) and Governance, Risk Management and Compliance (GRC) are critical areas for business security and success. But all too often these programs aren’t thoroughly tested – or worse, aren’t...more
Where We Stand - This year kicks off against the backdrop of the security flaw found in Log4j, a system-logging code library widely used in applications and services across the Internet. In the aftermath of this crisis, a...more
At the recent Mitratech Interact US 2020 online event, Tony Bethell, VP Alliances at Mitratech, and Jay Chakraborty, a Partner at PWC, explored the practical steps businesses are taking to manage better the challenges of...more
Businesses that decide to invest in an ERM-GRC risk management solution often fail at implementation. Why? There are many reasons, including: - Setup of the software goes over budget...more
It’s a business maxim: Where business goes, risks follow. And in recent years, business has found itself in places that might not have been part of the original plan: Digital processes, global business, outsourcing to third...more
Companies today need to take a holistic view of risk and compliance; it is no longer sufficient to let individual departments or teams be responsible for managing risk and compliance alone. ...more
The Department Of Justice (DOJ) and Securities and Exchange Commission (SEC) have both made it clear that they expect companies to be more robust in their use of data analytics in compliance programs....more
Today, I want to focus on what the compliance practitioner should do to move themselves forward professionally in 2020 and beyond. I drew inspiration from the Financial Times (FT) piece, entitled “Work in the 2020s: 5...more
This week, I am writing a blog post series based upon the MIT Sloan Management Review Special Report: Making Good on the Promise of AI. Today, I want to consider the article People and Machines: Partners in Innovation by...more
In this multi-part blog post series, I am exploring the increased use of technology to continue to drive the performance of corporate compliance programs. I am considering the use of Artificial Intelligence (AI) in a best...more