Skip to main content


Cybersecurity and Data Privacy: Navigating a Constantly Changing Landscape

27 September 2018
Mayer Brown Book

The cybersecurity and data privacy landscape continues to change, creating significant new risks for businesses across economic sectors. New types of litigation are emerging, new regulatory regimes are entering into force, and new laws promise yet further compliance challenges in the future. At the same time, a wide range of threat actors are launching more complex and more consequential attacks against multinational businesses, further raising the stakes.

The complex and changing cybersecurity and data privacy landscape puts pressure on companies to be flexible and agile, and rewards businesses that can anticipate emerging trends. We discuss some of these important challenges in our new practical guide, Cybersecurity and Data Privacy: Navigating a Constantly Changing Landscape. While not intended to be comprehensive, this guide highlights developments and priorities for businesses on a range of key topics, from the compliance challenges posed by new regimes such as the EU General Data Protection Regulation and the New York’s financial services regulations, to growing expectations for due diligence in mergers and acquisitions, to evolving threats that demand thorough response playbooks. Across these issues, three themes emerge.

  • First, regulatory requirements—and corresponding compliance burdens—are continuing to expand globally, both with respect to generally applicable requirements and sector-specific rules. The capacity to handle changing compliance obligations is itself now a key part of effective cybersecurity and data privacy governance.
  • Second, cybersecurity and data privacy challenges are growing increasingly prominent in a wider variety of contexts than ever before. These issues are increasingly important, for example, in public company reporting, mergers and acquisitions, and product development.
  • Third, changes in the threats companies face are driving corresponding changes in legal risks. Litigation risk, for example, goes well beyond traditional data breaches and challenges to online collection of data. Likewise, the sheer diversity of risks is making incident response preparation even harder, making it ever more valuable to develop appropriate internal tools.

We discuss these and other themes in this handbook and hope that these discussions are relevant to the specific cybersecurity and data privacy issues your business faces. We have greatly appreciated the positive response to our prior handbooks—Staying Ahead of the Curve: Cybersecurity and Data Privacy—Hot Topics for Global Businesses (2017), Cybersecurity Regulation: Governing Frameworks and Emerging Trends (2016), and Preparing For and Responding To a Computer Security Incident: Making the First 72 Hours Count (2015).

Request a copy

Rajesh De and Stephen Lilley share highlights from our most recent guide, Cybersecurity and Data Privacy: Navigating a Constantly Changing Landscape.

Marcus Christian shares highlights from our most recent guide, Cybersecurity and Data Privacy: Navigating a Constantly Changing Landscape, discussing key topics from the chapter State Cyber and Privacy Law: Sweeping Change and Gradual Evolution.

Laura Richman discusses when and what to disclose about cyber risks and incidents to the SEC, highlighting key topics from the chapter Disclosing Cyber Risks and Incidents: SEC Guidance and Enforcement.

Jeffrey Taft and Lawrence Hamilton discuss the NYDFS cybersecurity regulations highlighting key topics from the chapter NYDFS Cybersecurity Regulations One Year In.


  • Rajesh De
    T +1 202 263 3366
  • Matthew Bisanz
    T +1 202 263 3434
  • Samantha C. Booth
    T +1 312 701 8327
  • Kendall C. Burman
    T +1 202 263 3210
  • Joseph A. Castelluccio
    T +1 212 506 2285
  • Marcus A. Christian
    T +1 202 263 3731
  • Diletta De Cicco
    T +32 2 551 5945
  • Nina L. Flax
    T +1 650 331 2070
  • Veronica R. Glick
    T +1 202 263 3389
  • Lawrence R. Hamilton
    T +1 312 701 7055
  • Charles-Albert Helleputte
    T +32 2 551 5982
  • Sasha Keck
    T +1 202 263 3464
  • Stephen Lilley
    T +1 202 263 3865
  • Laura D. Richman
    T +1 312 701 7304
  • Lei Shen
    T +1 312 701 8852
  • Benjamin A. Shoemaker
    T +1 202 263 3463
  • Joshua M. Silverstein
    T +1 202 263 3208
  • David A. Simon
    T +1 202 263 3388
  • Jeffrey P. Taft
    T +1 202 263 3293
The Build a Report feature requires the use of cookies to function properly. Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently. If you do not accept cookies, this function will not work. For more information please see our Privacy Policy

You have no pages selected. Please select pages to email then resubmit.