Insights

In the high-stakes world of energy, a cyberattack isn’t just a technical failure—it’s a business disruption. And for Halliburton, one of the largest oilfield services companies globally, that disruption came at a hefty price. In August 2024, the company was hit by a ransomware attack linked to the notorious RansomHub group, leading to a significant financial loss that’s being felt in both immediate and long-term ways.

Earlier this month, Maersk released a report indicating that three out of four shippers operating in Europe have dealt with disruptions in their supply chain over the past 12 months. Even more alarming is that more than half of those affected are experiencing a serious impact on costs.

The Hague Court of Appeal delivered its judgment last Tuesday in the closely watched appeal between Shell and Friends of the Earth Netherlands (Milieudefensie). While the court reaffirmed that Shell is responsible for reducing its carbon emissions, it concluded that the company should not be bound by a specific reduction rate.

Southeast Asia is rapidly emerging as a digital powerhouse, with its booming markets and growing data center infrastructure attracting the attention of global tech giants. But as this region strengthens its digital economy, it’s also tightening its grip on data protection. Countries like Vietnam, Malaysia, and Indonesia are overhauling their data protection laws, which could bring both opportunities and challenges for businesses—especially those looking to expand in these fast-growing markets.

Artificial Intelligence (AI) is no longer a distant technological marvel; it's a driving force in reshaping how industries operate, innovate, and grow. From transforming healthcare with predictive analytics to revolutionizing the financial sector with automated trading systems, AI is everywhere. But as organizations embrace these advancements, they must also confront a growing set of challenges—legal, ethical, and operational—that can have serious consequences if not properly managed. This is where governance, risk, and compliance (GRC) come into play.

The Justice Department’s $3 billion settlement with TD Bank may have closed one chapter in a decade-long money-laundering saga, but Sen. Elizabeth Warren is far from satisfied with how the story ends. In a fiery letter to Attorney General Merrick Garland, Warren pulled no punches, calling the DOJ’s handling of the case a form of “absurd legal gymnastics” that shields TD’s top executives from facing the music. Her frustration underscores a growing concern in Washington: are these settlements really justice, or just another line item in the cost of doing business?

The February cyberattack on Change Healthcare, now confirmed to have affected a staggering 100 million individuals, is more than a historic breach—it’s a wake-up call for the entire healthcare sector. The U.S. Department of Health and Human Services recently confirmed the scale of this incident, making it one of the most significant exposures of personal health data in U.S. history. The breach shines a harsh light on cybersecurity fundamentals, particularly the overlooked areas of access management, incident response, and third-party risk oversight.