As the need for cyber-security due diligence rises, M&A deal makers face growing challenges. MSSPs and other security professionals in the channel can help.
77% of respondents said the importance of cyber-security issues at M&A targets increased significantly in the past two years, due to an increase in corporate data breaches and related potential liabilities.
80% of respondents said cyber-security issues are highly important in due diligence, compared to 20% who report it is somewhat important.
For recent deals, 39% of respondents said not enough time was devoted to the cyber-security due diligence process, and 32% said there were not enough qualified people involved in the process.
47% of respondents said they plan to fix the problems they uncover. However, 33% said they will use the data to decide whether to go through with the deal, and 20% will use it to negotiate down the purchase price or other deal terms.
50% of respondents said the top cyber-security concern is the cost of correcting the existing problems, followed by potential complications for post-merger integration (43%), the occurrence of frequent or recent data breaches (37%), threats to customer data (37%) and threats to business data (33%).
70% of respondents said compliance problems are one of the most common types of security issues uncovered during due diligence, followed by a lack of comprehensive security architecture (40%) and vulnerability to insider threats (37%).
40% of acquirers said they discovered a cyber-security problem at an acquisition after a deal was completed.
77% said they have walked away from a deal due to data security issues.