In this roundtable discussion, members of the firm’s Cybersecurity and Privacy Practice Group discuss a wide range of topics, including setting up a new cybersecurity plan and practicing it within an organization with buy-in from various departments (IT, HR, etc.), appointing a cybersecurity or data protection officer, deciding whether that officer should be from outside the organization, and instituting role-based training to help employees recognize threats (such as the recent proliferation of phishing threats). Simon McMenemy (managing partner, London) and Ben Perry (of counsel, Nashville), who are co-chairs of the practice group, are joined by Tracey Kinslow (of counsel, Nashville), Nicola McCrudden (of counsel, London), Erin Schachter (associate, Montréal), and Lauren Watson (associate, Raleigh). The speakers cover developments in the United States, Canada, and Europe.