Blog - article

Controlling cyber-risk in mergers and acquisitions

Controlling cyber-risk in mergers and acquisitions

Controlling cyber-risk in mergers and acquisitions

Henrik Davidsson
October 2, 2019

Acquiring a company is a massive undertaking and requires significant amount of planning and ideally flawless execution. Time is of the essence. The quicker an integration materializes, the faster the time to value.

On the other hand, being the target of an acquisition also poses a threat to shareholders and company valuation if you do not have your house in order before due diligence or, in the worst case, the months following the acquisition.

In a survey by West Monroe Partners, executives said 52% discovered a cyber problem post deal. And 41% said post-merger integration is their main cyber worry. According to the study, cybersecurity is the No. 1 reason why a company walks away from a deal, and the No. 2 reason for regretting a deal.

More and more organizations are now facing these issues. Today it’s common for M&A agreements to include a clause that the target company might risk up to 30% devaluation if it falls victim to a cyber-breach during the 12-month period after an acquisition. These impacts significantly increase the stakes well beyond the cost of an actual breach and the recovery process.

There are several critical cybersecurity challenges to overcome and manage during an M&A:

  • Merging two companies creates broader attack surface. The potential attack vectors an attacker might leverage increase and leave the networks of both the acquiring and target companies exposed and vulnerable.
  • Inherited or imported threats. Introducing a new organization into your network can impose a significant threat without visibility into hidden attackers.
  • Insider threats. – during mergers, the potential threats from insiders increases for various reasons, concerns, job uncertainty.
  • Third parties. Business and technical consultants who are commonly employed during M&As can knowingly or unknowingly become pawns in a cyberattack.
  • The burden on IT and security teams. Throughout the duration of M&As, IT and security teams from the acquiring and target companies are typically spread very thin.

In the M&A process, Vectra can be leveraged by the target company to conduct a security assessment as well as by the acquiring company to assess risk and compliance of the target organization.

Vectra is also instrumental in accelerating the M&A process using AI-driven threat detection and response for cloud, data center and enterprise environments.

The Cognito platform from Vectra speeds-up due diligence and integration by automating threat hunting and prioritizing detected threats based on certainty and risk. This enables faster response and mitigation and conclusive incident investigations.

Whether it’s an insider threat or an external threat, the Cognito platform automatically detects malicious behaviors in every phase of the attack lifecycle – command and control, internal reconnaissance, lateral movement, data exfiltration and botnet monetization.

Cognito automates manual processes and consolidates thousands of security events and historical context in real time to pinpoint compromised hosts that pose the biggest risk.

These capabilities are crucial to ensure that cyber threats are not inherited by the acquiring company or the target company, eliminate attack surface vulnerabilities, and accelerate integration as a result of M&A.

About the author

Henrik Davidsson

Henrik Davidsson is director of sales business development at Vectra, where he is responsible for customer value creation & managed service providers. He has over 15 years’ experience in working with large enterprises, service providers and always stays in the frontline of new security challenges and coaching end customers and partners alike on how to augment their security posture and cyber resilience. Henrik has held leading position at companies such as Cisco, Juniper Networks, VMware, FireEye and NTT Security.

Author profile and blog posts

Most recent blog posts from the same author

Security operations

How to gain full threat visibility where only the network exists

June 6, 2019
Read blog post
Security operations

Accelerate your cybersecurity with a managed detection and response service

June 20, 2019
Read blog post
Security operations

Vectra and Nozomi Networks safely secure the IT/OT convergence

August 12, 2019
Read blog post