Controlling Cyber-risk in Mergers and Acquisitions

September 21, 2020
Henrik Davidsson
Sr. Director for Global Partner Strategy, Programs & Enablement, Vectra

Acquiring a company is a massive undertaking that requires a significant amount of planning and, ideally, flawless execution. Time is of the essence. The quicker an integration materializes, the faster the time to value. On the other hand, being the target of an acquisition also poses a threat to shareholders and company valuation if you do not have your house in order before due diligence or, in the worst case, in the months following the acquisition.

In a survey by West Monroe Partners, executives said 52% discovered a cyber problem post deal. And 41% said post-merger integration is their main cyber worry. According to the study, cybersecurity is the No. 1 reason why a company walks away from a deal, and the No. 2 reason for regretting a deal.

More and more organizations are now facing these issues. Today it’s common for merger and acquisition (M&A) agreements to include a clause that the target company might risk up to 30% devaluation if it falls victim to a cyber-breach during the 12-month period after an acquisition. Such clauses significantly increase the stakes well beyond the cost of an actual breach and the recovery process.

There are several critical cybersecurity challenges to overcome and manage during an M&A:

Merging two companies creates a broader attack surface

The number of potential attack vectors an attacker might leverage increases, leaving the networks of both the acquiring and target companies exposed and vulnerable.

Inherited or imported threats

Introducing a new organization into your network can pose a significant threat if you lack visibility into hidden attackers.

Insider threats

During mergers, the potential threat from insiders increases for various reasons, including concerns and job uncertainty.

Third parties

Business and technical consultants who are commonly employed during M&As can knowingly or unknowingly become pawns in a cyberattack.

The burden on IT and security teams

Throughout the duration of M&As, IT and security teams from the acquiring and target companies are typically spread very thin.

How Vectra can help

In the M&A process, Vectra can be leveraged by the target company to conduct a security assessment as well as by the acquiring company to assess risk and compliance of the target organization. Vectra is also instrumental in accelerating the M&A process using AI-driven threat detection and response for cloud, data center and enterprise environments.

The Cognito Platform from Vectra speeds up due diligence and integration by automating threat hunting and prioritizing detected threats based on certainty and risk. This enables faster response and mitigation and conclusive incident investigations. Whether it’s an insider threat or an external threat, the Cognito Platform automatically detects malicious behaviors in every phase of the attack lifecycle—command and control, internal reconnaissance, lateral movement, data exfiltration and botnet monetization. Cognito automates manual processes and consolidates thousands of security events and historical context in real time to pinpoint compromised hosts that pose the biggest risk.

These capabilities are crucial to ensure that cyber threats are not inherited by the acquiring company or the target company, eliminate attack surface vulnerabilities, and accelerate integration as a result of M&A.