Ensuring a target company has strong cybersecurity and data privacy programs is quickly becoming a pillar of merger and acquisition due diligence. In this two-part article series, we explain how these issues can be handled before, during and after the deal to ensure that a company’s data remains safe, compliant and in line with any privacy policies or other agreements. Part one focuses on cybersecurity and data privacy due diligence and proactive measures an acquiring company, as well as a target, can take to facilitate a smooth transaction, with examples from companies such as Disney and Instagram. Part two will examine how to handle cybersecurity problems when they are discovered; when to walk away; and how to manage risk, remediation and integration when the deal does move forward. See also “Cybersecurity and Information Governance Considerations in Mergers and Acquisitions” (Jul. 1, 2015).