In 2019, boards and senior management across a range of industries continued to cite cybersecurity as one of the most significant risks facing their companies.

At the same time, comprehensive data privacy regulation became a new reality in the United States as many companies implemented major revisions to their privacy policies and data systems to achieve compliance with California’s groundbreaking privacy legislation. New York also imposed for the first time affirmative cybersecurity obligations on companies, which go into effect in March 2020. European regulators announced several notable enforcement actions under the GDPR which confirmed that European authorities are willing to use the GDPR’s authorization to levy large fines, even outside the context of major breaches resulting in exposure of customer information.

In this 2019 Year in Review, we highlight the most significant cybersecurity and privacy developments of 2019 and predict key challenges and areas of focus for the coming year.

Please click here to read the full alert memorandum.