Security costs
It’s no secret that safeguarding business and customer data is a big concern for companies. In mergers and acquisitions (M&As) world, cyber-security is a hot button. With nearly 800 data breaches in the United State last year, according to Identity Theft Resource Center, coupled with the hefty cost of these attacks, acquirers are looking closely at cyber-security due diligence when they buy companies. The importance of <a href=”http://www.westmonroepartners.com/Insights/White-Papers/security-survey” target=”_blank”>cyber-security issues at M&A targets</a> has increased greatly in the past two years, according to nearly 80 percent of North America-based senior M&A practitioners who responded to a survey commissioned by West Monroe Partners and conducted by MergerMarket. The report finds that as the need for cyber-security due diligence rises, deal makers are faced with roadblocks, ranging from the lack of employees with the right skill sets to conduct security analyses to a lack of thoroughness and the uncovering of problems after the deals close. Here are key takeaways from the survey that show where managed security service providers and other security solution providers can help ease the pain during cyber-security due diligence.
Caveat Emptor: Security Issues Key in M&A Deals
As the need for cyber-security due diligence rises, M&A deal makers face growing challenges. MSSPs and other security professionals in the channel can help.
Amped Security Concerns
77% of respondents said the importance of cyber-security issues at M&A targets increased significantly in the past two years, due to an increase in corporate data breaches and related potential liabilities.
Growing Anxieties
80% of respondents said cyber-security issues are highly important in due diligence, compared to 20% who report it is somewhat important.
Security Analysis Challenges
For recent deals, 39% of respondents said not enough time was devoted to the cyber-security due diligence process, and 32% said there were not enough qualified people involved in the process.
Using Analysis Data
47% of respondents said they plan to fix the problems they uncover. However, 33% said they will use the data to decide whether to go through with the deal, and 20% will use it to negotiate down the purchase price or other deal terms.
Top Security Concerns
50% of respondents said the top cyber-security concern is the cost of correcting the existing problems, followed by potential complications for post-merger integration (43%), the occurrence of frequent or recent data breaches (37%), threats to customer data (37%) and threats to business data (33%).
Common Problems
70% of respondents said compliance problems are one of the most common types of security issues uncovered during due diligence, followed by a lack of comprehensive security architecture (40%) and vulnerability to insider threats (37%).
Troubling Due Diligence
40% of acquirers said they discovered a cyber-security problem at an acquisition after a deal was completed.
Deal Breaker
77% said they have walked away from a deal due to data security issues.