On Demand, On Purpose: Fashion Manufacturing That Doesn’t Cost the Earth
Compliance Tip of the Day: AI and 3rd Party Risk Management
All Things Investigations – Navigating Secondary Tariffs with Mike Huneke and Brent Carlson
FCPA Compliance Report: The Impact of Secondary Tariffs on Global Trade with Mike Huneke and Brent Carlson
Episode 377 -- Refocusing Due Diligence on Cartels and TCOs
GILTI Conscience Podcast | Beyond the Runway: Navigating Tax, Tariffs and Transfer Pricing in Luxury Fashion
How International Companies Can Prepare for July 9 Tariffs
Hot Topics in International Trade - Let's Be Serious-Supply Chain Audits
The Future of Supply Chains: Chris Andrassy on Using AI to Predict & Prevent Disruptions
Hot Topics in International Trade - Tariff Mitigation Strategies
A Voltage Voyage With Danielle Spalding, Cirba Solutions — Battery + Storage Podcast
Compliance in the Former Soviet Central Asian Republics
Tariffs and Trade Series: What Boards of Directors Need to Know
Episode 369 -- Stepping Into the Enforcement Spotlight -- Customs and Border Patrol and Import Enforcement
Tariffs and Trade Series: What Investors Need to Know
Compliance Tip of the Day: Using Supply Chain to Innovate in Compliance
Tariffs and Trade Series: What Senior Management Teams Need to Know
Wiley's 2025 Key Trade Developments Series: Trade Remedies
Understanding Human Trafficking and Modern Slavery: A Business Imperative with Clint Palermo
Wiley's 2025 Key Trade Developments Series: U.S.-Mexico-Canada Agreement (USMCA)
2025 has seen a notable push by companies to establish dedicated capability centers—or global capability centers (GCCs)—in countries with lower-cost resources and access to a strong talent pool. According to S&S Insider, the...more
The U.S. Department of Commerce’s Bureau of Industry and Security has issued the final rule that will determine how its Information and Communications Technology and Services regulations will work going forward....more
The U.S. Department of Commerce’s Bureau of Industry and Security has issued the final rule that will determine how its Information and Communications Technology and Services regulations will work going forward. Originally...more
What Is Vendor Onboarding? Vendor onboarding is the process of establishing a company as an approved provider of technology, goods, or services to your organization. It’s also an essential early step in the vendor risk...more
The demand for data centers is continuing to accelerate, fueled largely by generative artificial intelligence (Gen AI), broader digital transformation, and organizations migrating to cloud infrastructure. Gen AI adoption...more
Introduction to DORA and its Implications - As of Jan.17, 2025, the European Union’s Digital Operational Resilience Act (DORA) became enforceable. This new regulatory framework significantly impacts financial institutions and...more
The Cybersecurity and Infrastructure Security Agency (CISA) unveiled new cyber performance goals aimed at addressing risks to software development and product design in the IT sector. Last week, the Cybersecurity and...more
The Department of Commerce (Commerce) Office of Information and Communications Technology and Services (OICTS) has broad authority—born out of executive action during the first Trump administration—to identify and mitigate...more
In the first part of Risk Management 101, we focused on the foundational elements of risk management. In part two, we’ll look at how the people who keep your organization running, with their unique insights, skills and...more
Microsoft is one of the world’s leading technology companies. Its products and technologies are in offices, classrooms, and homes. Additionally, governments use them to help conduct vital public services. Microsoft is also...more
The National Institutes of Science and Technology (NIST) Information Technology Laboratory recently released guidance entitled “Software Supply Chain Security Guidance,” in response to directives set forth in President...more
The National Institute of Standards and Technology (NIST) recently released a Request for Information (RFI) that seeks to gather information to help evaluate and improve cybersecurity resources for the cybersecurity framework...more
Where We Stand - This year kicks off against the backdrop of the security flaw found in Log4j, a system-logging code library widely used in applications and services across the Internet. In the aftermath of this crisis, a...more
The supply chain for products is becoming vastly complex as more and more products involve technology components. Technology may be embedded in products to achieve their intended purpose; remotely connected to monitor and...more
The National Institute of Standards and Technology (“NIST”) is seeking comments on its second draft of NIST SP 800-161 Rev. 1, “Cyber Supply Chain Risk Management Practices for Systems and Organizations,” published on October...more
In a blog post entitled “New activity from Russian actor Nobelium,” Microsoft’s V.P. of Customer Security & Trust Tom Burt discussed a recent alert issued by the Microsoft Threat Intelligence Center (MSTIC) regarding the...more
As summarized in the first installment of our two-part blog series, President Biden recently issued a sweeping Executive Order aimed at improving the nation’s cybersecurity defense. The Order is a reaction to increased...more
The recent SolarWinds attack alerted the world to the risk of a cyber supply chain attack—an attack through or on your company’s vendors or suppliers. It is increasingly clear that even if you take all the right steps to...more
[author: Matt Kelly] In September 2020 the National Institute of Standards and Technology (NIST) unveiled the fifth version of its cybersecurity standard formally known as SP 800-53, “Security and Privacy Controls for...more
If 2020 has a lesson for anyone, it is not to make any predictions. That said, predictions do offer people the chance to take stock and sense what the priorities are for the coming months, and where they need to focus their...more
On December 17, 2020, the Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force (“the Task Force”)—a public-private partnership whose membership includes industry representatives from...more
A cyberattack on a single gas compression facility resulted in the shutdown of a natural gas pipeline for two days, according to a recent alert from the US Department of Homeland Security’s Cybersecurity and Infrastructure...more
Under this new evaluation process, Commerce can prohibit companies from engaging in a wide variety of transactions and order them to cease using the information technology or telecommunication system in question even if it is...more
The Internet Society’s Online Trust Alliance just released its 2018 Cyber Incident & Breach Trends Report, which says “2018–Some Better, Some Worse, All Bad.” That’s our experience, too. Below are our highlights from the...more
On May 15, 2019, President Donald Trump issued an Executive Order on Securing the Information and Communications Technology and Services Supply Chain. ...more