Data Privacy & Cybersecurity

This NAVEX blog discusses the new European Union Artificial Intelligence Act and the December 2023 updated changes to the proposed legislation.

This article highlights five core elements of a digital trust program, taking inspiration from industry roadmaps, including the World Economic Forum’s digital trust insight report, as well as from current best practices of leading, global companies.

Artificial Intelligence is a new risk domain for organizations, but it also creates a prime opportunity for the CCO to lead the way in creating a GRC framework that proactively addresses risk and realizes the benefits of properly implemented and governed AI.

Everyone even peripherally involved with corporate governance, compliance, or risk management knows that corporate boards need more CISOs to help them navigate today’s cyber-saturated world. This post discusses how CISOs can deepen ties and increase influence with, and presence on, boards of directors.

Information and opinions about AI are everywhere. As the world adjusts to the use cases and implications this tool has, there are several use cases that emerge as a way to leverage AI. This post discusses how using AI in a closed system is the safest way to boost productivity, securely.

As expected, the Securities and Exchange Commission adopted new rules on June 26, 2023, requiring publicly traded companies to make more disclosures about the cyber risks they have and the specific cyber attacks they suffer. This post, originally featured on Radical Compliance, explains what you need to know to comply.

NAVEX recently surveyed over 1,300 Risk and Compliance (R&C) leaders across the globe to delve into compliance program maturity, priorities, struggles, and more. Several findings point toward a growing interdependence for Compliance, Data Privacy and Information Security.

Most chief compliance officers (CCOs) are not technology experts, just as chief information security officers (CISOs) are not regulatory compliance experts. But as a strategic partnership, these two functions play an invaluable role in protecting against cybersecurity risks.

New Chinese personal data protection regulations impact corporate whistleblowing policies. This NAVEX blog shares how international businesses can remain compliant.