All Best Practices articles
-
OpinionBuilding resilient teams in cyberdefense
The stress on cyberdefense teams can be accurately described as a form of chronic occupational trauma stemming from several unique pressures. But there are ways to build a culture that combats these pressures.
-
OpinionThe invisible cost of digital defense on mental health
Cybersecurity professionals, particularly those in leadership roles, often face immense pressure and stress due to the constant threat of cyberattacks.
-
OpinionFINRA’s GenAI wake-up call: What compliance professionals must do now
FINRA’s rules are intended to be technologically neutral. They apply when companies use GenAI or similar technologies in their businesses, just as they apply when companies use any other technology or tool. But what does that mean for a compliance professional using GenAI?
-
OpinionHow to identify and mitigate risks posed by Foreign Terrorist Organizations
Since Inauguration Day on Jan. 20, 2025, the Trump Administration has made it a priority to expand the list of designated Foreign Terrorist Organizations.
-
OpinionWhat the Copilot Usage Report 2025 Means for Corporate Compliance
Microsoft’s Copilot Usage Report 2025 offers compliance professionals a rare, data-driven look at how artificial intelligence is actually being used by millions of people, rather than how organizations assume it is being used.
-
OpinionEmerging antitrust risks in the expanded use of AI
Concerns over competitors using AI pricing tools to fix prices have dominated antitrust discussions in the U.S. and EU. Recent cases show how algorithmic pricing might enable unlawful coordination.
-
OpinionHow to make the business case to upgrade records management systems
Companies are giving their records management programs a makeover, and not for the reasons you may think. What used to be a sleepy back-office legal department function is now front and center, often driven by compliance teams. Organizations are discovering that a “save everything, forever” de facto policy doesn’t ...
-
OpinionWhy the EU’s new Machinery Regulation is a wake-up call on cybersecurity
The European manufacturing industry is on the cusp of a regulatory shift that promises to reshape how machines are designed and operated.
-
OpinionThe AI audit burden: Why ‘Explainable AI’ is the key
AI decisions are only defensible when the reasoning behind them is visible, traceable, and auditable. Explainable AI delivers that visibility, turning black-box outputs into documented logic that compliance officers can stand behind when regulators, auditors, or stakeholders demand answers.
-
OpinionTurning compliance into a competitive advantage in defense tech
For emerging defense tech companies to take full advantage of acquisition reforms and increased funding, they will need to overcome a defining feature of the U.S. defense industry: It is highly regulated, and will likely remain so.
-
OpinionThe rise of the AI compliance officer
As AI reshapes business operations and regulators move quickly, companies increasingly need a dedicated AI compliance officer to ensure ethical, transparent, and accountable deployment.
-
OpinionWho is leading the fight against confidence scams, and who should?
Internet-enabled scams are drawing national attention, with authorities treating them as organized transnational crimes. The FBI says confidence schemes now make up a significant share of online fraud, prompting questions about how the private sector is responding.
-
OpinionWhen stability fails: Why over-optimization creates organizational brittleness
Most organizations would say they value stability. Predictable operations, consistent output, and well-defined processes are generally considered marks of maturity. The assumption is simple: if a system can be made reliable, it becomes resilient.
-
OpinionAgentic AI and the policy blind spot: Why security can’t wait
The current AI policy and regulation landscape is still emerging globally. While some regulations and standards exist, governments, industry, and security leaders have critical gaps to close, especially around agentic artificial intelligence.
-
ArticleComplying with the EU Data Act – What companies should know
Companies could face significant compliance challenges in trying to meet new EU legal requirements about how companies share data with third parties.
-
OpinionThe CFO, AI, and the New Compliance Frontier
As CFOs use AI to streamline operations, they face new compliance risks tied to accountability and algorithmic governance. CCOs must work with them to ensure transparency and oversight throughout adoption.
-
OpinionThe Compliance - Audit gap in ESG and financial reporting
ESG reporting has moved from a voluntary PR exercise to an expectation for regulators and investors, but the compliance audit gap now threatens credibility.
-
ArticleHow to promote a positive compliance culture – and why behavior matters.
No matter what compliance managers do, people continue to disregard rules. Sandro Boeri, president of the U.K.’s Chartered Institute of Internal Auditors, says a new mandatory standard for internal audit teams can help.
-
OpinionBeyond the Binder: Policy governance in practice
Most compliance professionals have faced it: a regulator or client requests a policy, and several slightly different “final” versions appear. The issue often stems from reactive, siloed work without a unified governance framework.
-
OpinionWhat compliance can learn from a 95 percent AI pilot failure rate
Compliance professionals have long known that systems fail when governance does. An MIT study’s finding that 95 percent of enterprise artificial intelligence (AI) pilots fail underscores how essential compliance-grade discipline is to the success of emerging technologies.