Data Privacy & Cybersecurity

NAVEX recently surveyed over 1,300 Risk and Compliance (R&C) leaders across the globe to delve into compliance program maturity, priorities, struggles, and more. Several findings point toward a growing interdependence for Compliance, Data Privacy and Information Security.

Most chief compliance officers (CCOs) are not technology experts, just as chief information security officers (CISOs) are not regulatory compliance experts. But as a strategic partnership, these two functions play an invaluable role in protecting against cybersecurity risks.

New Chinese personal data protection regulations impact corporate whistleblowing policies. This NAVEX blog shares how international businesses can remain compliant.

The rise of ChatGPT is changing the risk and compliance landscape. This NAVEX blog explores what CISOs need to know about ChatGPT’s effect on risk and compliance.

Each year, NAVEX publishes the Top 10 Trends in Risk and Compliance. This publication features trends and predictions for the year to come and features contributions from experts in the industry. This article is part two of two and discusses privacy-related trends in the EU and U.K., and how to prepare.

Each year, NAVEX publishes the Top 10 Trends in Risk and Compliance. This publication features trends and predictions for the year to come and features contributions from experts in the industry. This article is part one of two and discusses privacy-related trends in the U.S., and how to prepare.

Staying compliant with data privacy laws is challenging given the patchwork nature of these various regulations. This post discusses five recent U.S. data privacy laws taking effect this year, and considerations your business should make in order to stay compliant.

As 2022 comes to a close, now is an ideal time to reflect on the developments and challenges this year held for the risk and compliance profession – and there was no shortage of either. This retrospective blog focuses on the major influences on risk and compliance programs in 2022 and what to pay attention to in 2023 and beyond.

On Jan. 1, 2023, the California Privacy Rights Act (CPRA) will take effect, placing newly enhanced data privacy and notification requirements onto businesses that handle the personal information of California consumers. This post covers what you need to know to meet the requirements to avoid the consequences of non-compliance.

With cyber-attacks on the rise and frequently making headlines, organizations must be diligent in their efforts to protect the enterprise from growing threats. The U.S. Securities and Exchange Commission has proposed new rules for the disclosure of cybersecurity issues – setting in motion a future of increasingly regulated cybersecurity programs and communication about incidents.