Cyberattacks, Privacy Legislation Shape M&A Dealmaking Process

Rising cybercrime, and an increasingly complex legal framework in the U.S. and abroad, has translated into companies paying more attention to privacy and cybersecurity to avoid potential liability after a merger or acquisition.

Spooked by heavier regulations and massive cyberattacks such as those on Colonial Pipeline Co. and JBS SA, businesses are diving deep into potential target companies’ security records and compliance programs before executing deals, attorneys say.

“The combination of privacy laws and the expanding data-driven nature of deals has caused companies to look at privacy and security in M&A as not just another legal compliance area but something ...