As M&A activity increases worldwide, unfortunately so does cyber-crime. Now whilst the two are in no way related, there is no hiding the fact that there has been a number of high profile incidents in recent times, with major companies such as eBay, Target and Yahoo! all being the victims of such crimes.
The best place to start is by looking at what type of data the company holds and the level of sensitivity before examining which methods of protection are currently in place. For example, the firewalls and other systems that have been installed to ensure its safety. Once these programmes and software have been identified, businesses must analyse and audit these suppliers to ensure their credentials are up to scratch.
Buyers should be analysing the level of cyber risk to a business that they are acquiring, in same way they would consider its financial position to ensure they are not putting themselves at considerable risk. Also, there is the small matter of the value of a deal dropping considerably if, after it has been finalised, past or ongoing security breaches come to light.
While these data protection tools are important, it is also essential to look at the policies the business has in place for its employees. Like it or not, employees can pose a considerable risk to data security, so all employment contracts need to be reflected upon and, if necessary, revised before the businesses merge.
It is essential to know whether the business has suffered any kind of data breach in the past and, if so, where it came from. The purpose of this is to recognise any vulnerabilities within the business and find out how they were dealt with to prevent them from being a reoccurring issue.
Although these steps should be taken in order for businesses to gain a true understanding of a company they are acquiring, there are concerns that such assessments just simply take too long, flying in the face of the usual short M&A time-frames. However, it is vital for businesses to keep in mind that they are acquiring a company’s data and potentially all of its data-security issues.
With M&A deals taking place every day and more companies being penalised by shareholders for being victims of cyber-attacks, it is now more important than ever that these steps are taken before any deal is finalised.
With representation throughout the Americas, Europe, Africa and Asia, Benchmark International offers advice and guidance to help effectively identify, evaluate and quantify cyber security risks. To find out more, visit http://www.benchmarkcorporate.com.