With interconnectivity and use of digital storage expanding, cyberthreats posed by nation states, commercial competitors, company insiders, transnational organised crime syndicates and ‘hacktivists’ have continued to grow on a global basis. Recent high-profile data intrusions in the United States have brought particular attention to cyber extortion and cyberattacks perpetrated by nation states, and to business email compromises aimed at financial fraud by criminal groups. In dealing with these topics, two important trends are emerging. First, many countries are looking to strengthen requirements around user consent and control over collection of personal data. Second, countries are grappling with how to protect against the compromise of intellectual property with potential national security concerns, with strategies ranging from restricting the export of critical IP to establishing minimum cybersecurity standards for critical providers.