Acquiring a company is a massive undertaking and requires significant amount of planning and ideally flawless execution. Time is of the essence. The quicker an integration materializes, the faster the time to value.
On the other hand, being the target of an acquisition also poses a threat to shareholders and company valuation if you do not have your house in order before due diligence or, in the worst case, the months following the acquisition.
In a survey by West Monroe Partners, executives said 52% discovered a cyber problem post deal. And 41% said post-merger integration is their main cyber worry. According to the study, cybersecurity is the No. 1 reason why a company walks away from a deal, and the No. 2 reason for regretting a deal.
More and more organizations are now facing these issues. Today it’s common for M&A agreements to include a clause that the target company might risk up to 30% devaluation if it falls victim to a cyber-breach during the 12-month period after an acquisition. These impacts significantly increase the stakes well beyond the cost of an actual breach and the recovery process.
There are several critical cybersecurity challenges to overcome and manage during an M&A:
Vectra is also instrumental in accelerating the M&A process using AI-driven threat detection and response for cloud, data center and enterprise environments.
The Cognito platform from Vectra speeds-up due diligence and integration by automating threat hunting and prioritizing detected threats based on certainty and risk. This enables faster response and mitigation and conclusive incident investigations.
Whether it’s an insider threat or an external threat, the Cognito platform automatically detects malicious behaviors in every phase of the attack lifecycle – command and control, internal reconnaissance, lateral movement, data exfiltration and botnet monetization.
Cognito automates manual processes and consolidates thousands of security events and historical context in real time to pinpoint compromised hosts that pose the biggest risk.
These capabilities are crucial to ensure that cyber threats are not inherited by the acquiring company or the target company, eliminate attack surface vulnerabilities, and accelerate integration as a result of M&A.
Henrik Davidsson is director of sales business development at Vectra, where he is responsible for customer value creation & managed service providers. He has over 15 years’ experience in working with large enterprises, service providers and always stays in the frontline of new security challenges and coaching end customers and partners alike on how to augment their security posture and cyber resilience. Henrik has held leading position at companies such as Cisco, Juniper Networks, VMware, FireEye and NTT Security.