The upshot, for busy people:

  • Realizing value and managing risk in investments and acquisitions of digital assets businesses means understanding several key areas of the target’s business—among them, cybersecurity, data privacy and regulatory positions.
  • This is particularly challenging in light of the pace of innovation in these technologies and the intersecting, evolving regulations that apply

Whether it comes in the form of a cyber attack to your network or a consumer privacy enforcement action brought by a state regulator, no organization is immune from the risks that come from processing and securing sensitive personal and commercial data. Conducting a due diligence process that addresses privacy and security risks is necessary

In the first installment of this series, I described some reasons why cybersecurity and data privacy issues should be front of mind for M&A practitioners. In this installment, I will talk about the ways that an acquirer’s—and a target company’s—compliance programs can play a significant role in the success of a merger or integration.

Continue

What does a nuclear missile accident have in common with a cybersecurity or data privacy issue in a
merger or integration? While it is easy to see that most people would prefer not to encounter either of them, in both situations, small missteps can lead to wide-ranging and potentially catastrophic consequences. As an M&A practitioner,

The cybersecurity and data privacy landscape continues to change, creating significant new risks for businesses across economic sectors. New types of litigation are emerging, new regulatory regimes are entering into force, and new laws promise yet further compliance challenges in the future. At the same time, a wide range of threat actors are launching more