Episode 381 -- Cadence Design Pays $140 Million to Settle Trade Violations
On Demand, On Purpose: Fashion Manufacturing That Doesn’t Cost the Earth
Compliance Tip of the Day: AI and 3rd Party Risk Management
All Things Investigations – Navigating Secondary Tariffs with Mike Huneke and Brent Carlson
FCPA Compliance Report: The Impact of Secondary Tariffs on Global Trade with Mike Huneke and Brent Carlson
Episode 377 -- Refocusing Due Diligence on Cartels and TCOs
GILTI Conscience Podcast | Beyond the Runway: Navigating Tax, Tariffs and Transfer Pricing in Luxury Fashion
How International Companies Can Prepare for July 9 Tariffs
Hot Topics in International Trade - Let's Be Serious-Supply Chain Audits
The Future of Supply Chains: Chris Andrassy on Using AI to Predict & Prevent Disruptions
Hot Topics in International Trade - Tariff Mitigation Strategies
A Voltage Voyage With Danielle Spalding, Cirba Solutions — Battery + Storage Podcast
Compliance in the Former Soviet Central Asian Republics
Tariffs and Trade Series: What Boards of Directors Need to Know
Episode 369 -- Stepping Into the Enforcement Spotlight -- Customs and Border Patrol and Import Enforcement
Tariffs and Trade Series: What Investors Need to Know
Compliance Tip of the Day: Using Supply Chain to Innovate in Compliance
Tariffs and Trade Series: What Senior Management Teams Need to Know
Wiley's 2025 Key Trade Developments Series: Trade Remedies
Understanding Human Trafficking and Modern Slavery: A Business Imperative with Clint Palermo
Business continuity used to live in a binder, often reviewed once a year and quickly forgotten. Today, it has become a critical part of day-to-day risk management and operational strategy....more
On July 23, 2025, the Trump Administration released its AI Action Plan (“the Plan”), a long-anticipated roadmap for the federal government’s approach to AI governance that presents a number of implications for businesses...more
Most organizations rely on complex supply chains, and that reliance has become a point of vulnerability for cyberattacks. This spring, we have witnessed a large-scale cyberattack on a major British multinational retailer due...more
The 2025 Mitratech Third-Party Risk Management (TPRM) Study conveys a clear message: the third-party risk landscape is evolving into a complex, interconnected ecosystem — one where every vendor, supplier, and partner plays a...more
Artificial intelligence (AI) systems are vulnerable to more than just threat actors. Our Privacy, Cyber & Data Strategy Group examines joint guidance issued by U.S. and international cybersecurity agencies that provides best...more
On May 22 2025, the cybersecurity agencies from the US, UK, Australia, and New Zealand published a Cybersecurity Information Sheet (CIS) on ensuring that data used to train and use artificial intelligence (AI) and machine...more
The risks associated with leveraging open source libraries, and the review needed, are increasing. In the first half of 2025, cybersecurity researchers observed a sharp rise in the incidence of malicious code embedded in...more
The CRA will affect a broad range of digital products placed on the EU market (including by those based outside the EU), including connected hardware/devices, software and remote data processing solutions. The EU has adopted...more
2024 was a year of numerous and notable cybersecurity failures – although, to be fair, most years are now marred by numerous and notable cybersecurity failures. That’s no longer anything special. What makes 2024 interesting...more
The importance of the global supply chain has never been more apparent since the COVID-19 pandemic resulted in worldwide shortages of products and drove prices and inflation skyward. Supply chain disruptions have become the...more
The U.S. Department of Commerce's Bureau of Industry and Security (BIS) issued an Advance Notice of Proposed Rulemaking (ANPRM) on January 3, 2025, seeking public input to inform the potential development of a rule to secure...more
On January 29, NAVEX is hosting the Top 10 Trends in Risk and Compliance webinar. This post is a preview of two of the topics covered in the eBook and webinar: the rise of AI and the continued focus on cybersecurity and...more
On October 16, 2024, the New York State Department of Financial Services (NYDFS) released guidance highlighting the cybersecurity risks associated with artificial intelligence (AI) and how covered entities regulated by NYDFS...more
Keypoint: The New York Department of Financial Services (NYDFS) circulated an industry letter offering guidance to NYDFS “Covered Entities” for assessing and managing AI-related cybersecurity risks, including threats...more
Introduction It wouldn't be much of an exaggeration to say that NIS2 is the acronym on everyone's lips. When coupled with its European sister legislation DORA, we encounter a regulatory twosome that make GDPR feel like...more
Effective information security is no longer just dependent on an organisation’s own internal cybersecurity controls. The UK Information Commissioner’s Office (ICO) highlights that third-party service providers are processing...more
On August 15, 2024, the Department of Defense (DOD) announced the much-anticipated Proposed Rule that would amend the Defense Federal Acquisition Regulation Supplement (DFARS) to include Cybersecurity Maturity Model...more
Data breach class actions are again on the rise, with a recent report by Lex Machina confirming what many cybersecurity practitioners have seen first-hand over the last two years. The findings also reaffirm longstanding best...more
The agreed text of the AI Act was published on July 12, 2024, essentially starting the clock on the legal deadlines contained in it. Its obligations will apply in tiered phases, with the first key obligations being enforced...more
When I think of a portal my mind goes immediately to science fiction gateways in time. The literary skills of H.G. Wells in the classic Time Machine, or some of the works of Michael Crichton. Traversing the fantastical realms...more
The Cybersecurity and Infrastructure Security Agency (CISA) has released a revised draft of its Secure Software Development Attestation Common Form ("Form"). The Form, once finalized, will obligate vendors providing software...more
As Artificial Intelligence (AI) grows in popularity, discussion of its potential uses and risks is everywhere. The Department of Defense (DoD) is no exception and has been considering how AI development can be helpful or...more
EPA Aims to Mitigate Risk of Cyberattack on Public Water Systems On March 3, 2023, the U.S. Environmental Protection Agency (EPA) issued its Memorandum Addressing Public Water System (PWS) Cybersecurity in Sanitary Surveys or...more
At its open monthly meeting on March 16, 2023, the Federal Energy Regulatory Commission (FERC) approved a new cybersecurity standard proposed by the North American Electric Reliability Corporation (NERC) to address the supply...more
Ongoing geopolitical developments such as Russia’s war in Ukraine and tensions between China and Taiwan have continued to fuel higher US military spending. The demand for military weapons is the strongest it has been in...more