Managing Data Privacy and Cybersecurity Risks in M&A Deals: Pre-Planning, Due Diligence and Risk Allocation Strategies

Minimizing Impact of Cybersecurity Vulnerabilities on Transaction Value

Recording of a 90-minute premium CLE webinar with Q&A

Conducted on Thursday, May 4, 2017

Recorded event now available

or call 1-800-926-7926
Program Materials

This CLE webinar will provide guidance to deal attorneys for managing and allocating data privacy and cybersecurity risks in M&A transactions. The panel will discuss best practices for identifying and addressing data privacy and cybersecurity concerns throughout the life of a deal, from developing an acquisition strategy and identifying a potential target, to conducting due diligence, to allocating risk in the transaction documents.


Corporate data security breaches are at an all-time high, making data privacy and cybersecurity planning in M&A transactions more important than ever. Examining a target’s data assets and identifying cybersecurity vulnerabilities are essential to valuing a deal, implementing risk mitigation measures, and planning for successful data integration post-acquisition.

Counsel for buyers should begin evaluating data privacy and cybersecurity risks when assessing a potential target and continue making data privacy and cybersecurity concerns a priority during due diligence and when negotiating the acquisition agreement and other transaction documents.

During due diligence buyer’s counsel should examine the target’s data inventory, data locations, data collection processes, privacy policies, security controls, information governance guidelines, risk assessment programs, and cybersecurity insurance policies for vulnerabilities.

When negotiating and drafting the transaction documents, counsel for both parties should carefully approach the reps and warranties provisions related to the target’s data privacy and cybersecurity protocols and thoughtfully address how the parties will resolve issues that arise from data security breaches.

Listen as our authoritative panel of deal attorneys examines key considerations for managing and allocating data privacy and cybersecurity risks in M&A deals.



  1. Overview of data privacy and cybersecurity issues
  2. Managing data privacy and cybersecurity issues when planning acquisition strategy
  3. Data privacy and cybersecurity best practices during due diligence
  4. Allocating data privacy and cybersecurity risks when drafting and negotiating transaction documents


The panel will review these and other key issues:

  • The impact of data and cybersecurity assets and vulnerabilities on deal valuation
  • The best approaches for counsel to identify data privacy and cybersecurity vulnerabilities early in a transaction
  • The most critical information counsel should request from the target company during due diligence related to data privacy and cybersecurity
  • Provisions to include in the transaction documents to address data privacy and cybersecurity vulnerabilities and mitigate deal risk


Jennifer C. Archie
Jennifer C. Archie

Latham & Watkins

Ms. Archie possesses broad investigations, litigation and counseling experience advising clients from emerging...  |  Read More

Alan Brill
Alan Brill

Senior Managing Director

Mr. Brill consults with law firms and corporations on investigative issues relating to computers and...  |  Read More

Gerard M. Stegmaier
Gerard M. Stegmaier

Reed Smith

Mr. Stegmaier focuses his practice on corporate governance, IP and internet issues, especially as they relate to...  |  Read More

Other Formats
— Anytime, Anywhere

Strafford will process CLE credit for one person on each recording. All formats include program handouts. To find out which recorded format will provide the best CLE option, select your state:

CLE On-Demand Video