Episode 385 -- Five Strategies to Mitigate a New Risk Environment
Episode 384 -- Third-Party Risks and Sanctions
Great Woman in Compliance: Building Strategic and Effective Risk Assessments
Innovation in Compliance: Gaurav Kapoor on Risk Management and the Role of AI in GRC
Episode 30 - Inaugural Episode with Ian Sherr: Compliance Week’s Insights and Reflections from June to July 2025
Compliance Tip of the Day: Internal Controls for Third Parties
Upping Your Game: Harnessing AI to Revolutionize Third-Party Risk Management
Compliance Tip of the Day: Terminating Third Parties
FCPA Compliance Report: Upping Your Game in Compliance
Episode 368 — LRN Issues New Report Highlighting Growing Gap in Compliance Program Performance
FCPA Compliance Report: From Compliance to Commercial Value: Removing Friction with AI
Episode 364 -- Five Strategies to Mitigate a New Risk Environment
The Privacy Insider Podcast Episode 12: Compliance Is Good Business: Getting Beyond Fines with Tom Fox of Compliance Podcast Network
Third-Party Risk The competitive world of banking struggles to keep up with technological advances, particularly in a regulatory environment.
Episode 360 -- Natalie Druckman from Certa on AI-Enhanced Third-Party Risk Management
Compliance Tip of the Day: Using AI to Manage 3rd Party Risk
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 223: Cybersecurity and Privacy Risks with Healthcare Vendors with Brandon Robinson of Maynard Nexsen
Compliance Tip of the Day: Board Questions and Metrics for 3rd Party Risk Management
Why Privacy is Your Secret Weapon Against Third-Party Risk
A Third Party's Perspective on Third Party Risk
On July 30, 2025, a wine producer was sued in connection with a cyberattack that allegedly compromised the data of at least 26,000 customers. Among other things, the complaint alleges that the company failed to implement...more
Most organizations rely on complex supply chains, and that reliance has become a point of vulnerability for cyberattacks. This spring, we have witnessed a large-scale cyberattack on a major British multinational retailer due...more
Cybercriminals look for two things when seeking a victim—access and opportunity. ERISA retirement plans offer both. Cybercriminals exploit weaknesses in systems, software, or human behavior to find opportunities for easy...more
The DFIR 2025 Threat Report from CyberCX offers a firsthand view of how cyber adversaries adapted and accelerated their tactics in 2024. Covering incidents across Australia, New Zealand, North America, and Europe, the report...more
Every spring, BakerHostetler collects, analyzes, and compares key metrics on the incident response matters we handled in the prior year. The output – our Data Security Incident Response (DSIR) Report – highlights key findings...more
In an increasingly interconnected healthcare landscape, third party relationships play a critical role in operations, but they also introduce significant risk. To address this challenge, our webinar delves into the...more
Recent incidents of cyberattacks impacting major organizations through exploited weaknesses in third-party relationships have highlighted the importance of holistic third-party risk management, creating an opportunity to...more
As summarized in the first installment of our two-part blog series, President Biden recently issued a sweeping Executive Order aimed at improving the nation’s cybersecurity defense. The Order is a reaction to increased...more
How to ensure emerging technologies help rather than hurt your organization - Technology represents the classic double-edged sword for compliance and ethics professionals. When properly utilized, it can be a vital tool,...more
Our Virtual Regional Compliance Conferences provide updates on the latest news in regulatory requirements, compliance enforcement, and strategies to develop effective compliance programs. Watch, listen, and ask questions from...more
Last month there was a cyber-attack suspected to have been perpetrated by Russian hackers. The attack was traced back to third party – a network management software vendor, SolarWinds. Among its 300,000 customers, SolarWinds...more
In an unusual move, Delta Airlines (Delta) sued one of its vendors last week for the data breach it experienced in 2017. It’s an unusual move for several reasons. First, in our experience when a vendor causes a data breach,...more
For those familiar with the Shonda Rhimes juggernaut, Grey’s Anatomy, it is the story of surgical residents, fellows, and attending physicians as they work in the surgical wing of the fictional Grey Sloan Memorial Hospital....more
The New York Department of Financial Services has adopted detailed cybersecurity regulations for financial institutions. (Here). The NYDFS has filled a vacuum created by the failure of the federal government to act in this...more
Two recent data breach incidents in the healthcare industry prove what readers of this blog have heard all too often: KNOW THY VENDORS....more
On September 15, 2015, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) issued a National Exam Program Risk Alert (2015 Risk Alert) to provide broker-dealers and investment...more
On Aug. 11, 2015, federal prosecutors in the District of New Jersey and the Eastern District of New York unsealed indictments against nine individuals in the U.S. and Ukraine who were allegedly involved in a five-year,...more