Data Privacy & Cybersecurity

As expected, the Securities and Exchange Commission adopted new rules on June 26, 2023, requiring publicly traded companies to make more disclosures about the cyber risks they have and the specific cyber attacks they suffer. This post, originally featured on Radical Compliance, explains what you need to know to comply.

NAVEX recently surveyed over 1,300 Risk and Compliance (R&C) leaders across the globe to delve into compliance program maturity, priorities, struggles, and more. Several findings point toward a growing interdependence for Compliance, Data Privacy and Information Security.

Most chief compliance officers (CCOs) are not technology experts, just as chief information security officers (CISOs) are not regulatory compliance experts. But as a strategic partnership, these two functions play an invaluable role in protecting against cybersecurity risks.

New Chinese personal data protection regulations impact corporate whistleblowing policies. This NAVEX blog shares how international businesses can remain compliant.

The rise of ChatGPT is changing the risk and compliance landscape. This NAVEX blog explores what CISOs need to know about ChatGPT’s effect on risk and compliance.

Each year, NAVEX publishes the Top 10 Trends in Risk and Compliance. This publication features trends and predictions for the year to come and features contributions from experts in the industry. This article is part two of two and discusses privacy-related trends in the EU and U.K., and how to prepare.

Each year, NAVEX publishes the Top 10 Trends in Risk and Compliance. This publication features trends and predictions for the year to come and features contributions from experts in the industry. This article is part one of two and discusses privacy-related trends in the U.S., and how to prepare.

Staying compliant with data privacy laws is challenging given the patchwork nature of these various regulations. This post discusses five recent U.S. data privacy laws taking effect this year, and considerations your business should make in order to stay compliant.

As 2022 comes to a close, now is an ideal time to reflect on the developments and challenges this year held for the risk and compliance profession – and there was no shortage of either. This retrospective blog focuses on the major influences on risk and compliance programs in 2022 and what to pay attention to in 2023 and beyond.

On Jan. 1, 2023, the California Privacy Rights Act (CPRA) will take effect, placing newly enhanced data privacy and notification requirements onto businesses that handle the personal information of California consumers. This post covers what you need to know to meet the requirements to avoid the consequences of non-compliance.