Companies are facing an increasingly unpredictable, burdensome and fragmented regulatory regime when it comes to cybersecurity. Such was the prevailing message Thursday at a virtual panel on cybersecurity law and policy hosted by the American Bar Association’s Homeland Security Law Institute.

Megan Leef Brown, a partner with Wiley Rein, said the private sector is struggling to handle multiple reporting obligations regarding data breaches or ransomware attacks. “I’m seeing major shifts in the regulatory landscape, some of which I really find quite troubling. It’s daunting for the private sector. I perceive a real dissonance and fragmentation in how some of the agencies are approaching this,” she said.