Risk Management / Regulatory content

This report examines the legal complexities surrounding when and how judicial review of federal agency actions can be time-barred. It explores general and special statutory limitations, such as the six-year…

Learn More

The Dams Sector Waterside Barriers Guide, published by CISA, provides dam owners and operators with guidance on using waterside barriers to protect critical infrastructure from water-based threats such as swimmers,…

Learn More

The Dams Sector Personnel Screening Guide by CISA provides owners and operators of dams, levees, and related infrastructure with strategies to mitigate insider threats through effective pre-employment screening. It outlines…

Learn More

In today’s rapidly evolving cyber environment, obtaining an initial Authorization to Operate (ATO) under the Risk Management Framework (RMF) can take anywhere from 6 to 36 months. Given the complexity…

Learn More

The April 2025 revision of NIST SP 800-61 provides updated guidance for integrating incident response into broader cybersecurity risk management efforts, aligned with the NIST Cybersecurity Framework (CSF) 2.0. It…

Learn More

Roundtable 3: Government as a Buyer of AI As AI technologies advance, federal agencies face mounting challenges in responsibly procuring and managing AI tools. Roundtable participants emphasized the need for…

Learn More

Fast flux is a DNS-based evasion technique that allows malicious actors to hide their infrastructure and maintain resilient command-and-control operations. This tactic rapidly changes IP addresses linked to malicious domains,…

Learn More

This report provides a comprehensive overview of U.S. banks’ trading and derivatives activity for the fourth quarter of 2024. It highlights a 10.6% decline in trading revenue from the prior…

Learn More

Executive Order 14249, issued on March 25, 2025, aims to safeguard the integrity of America’s “bank account” by tightening oversight of federal payments. It empowers the Treasury to verify and…

Learn More

This document outlines updated rules from the Consumer Financial Protection Bureau (CFPB) regarding credit card penalty fees. It aims to ensure fairer practices by capping late fees and increasing transparency…

Learn More

The era of Globalization 1.0, marked by idealistic free trade and fading borders, is giving way to a more grounded strategy that recognizes geopolitical realities and national interests. This new…

Learn More

U.S. banking regulators played a vital role in shaping the final Basel III capital standards—global rules that aim to make big banks safer and more resilient. The report shows how…

Learn More

Understanding risk starts with knowing how disruptions impact an organization. The Business Impact Analysis (BIA) goes beyond disaster recovery—it helps leaders identify which assets are most critical and vulnerable to…

Learn More

Managing cybersecurity risks effectively is crucial for protecting an organization’s mission, operations, and reputation. The latest NIST Interagency Report (NIST IR 8286B) provides guidance on prioritizing cybersecurity risks within Enterprise…

Learn More

A critical security risk has been discovered in the Contec CMS8000 patient monitor, commonly used in healthcare settings. The Cybersecurity and Infrastructure Security Agency (CISA) found an embedded backdoor that…

Learn More