The most critical function of any merger or acquisition team is to properly assess the value of a target company. Security plays an important role on the merger and acquisition team. The security team has a responsibility to mitigate risks and protect the interest of the company, its owners and shareholders. In support of this obligation, security, as a member of the merger or acquisition team, helps the team make informed decisions and execute a successful transaction.
Investment professionals need to gain access to material information about cyber risks and events. Unfortunately, the information available to investment professionals is inadequate or unclear. Companies don’t disclose or account for important information about cyber risks and events, either because they do not know what is happening on their networks, or because they are worried about the impact that disclosure will have on their reputation and valuation.
Recently, the Securities and Exchange Commission issued guidance addressing this challenge by requiring publicly traded companies to disclose such information. The guidance has brought about some disclosures, but investment professionals must also be equipped to collect information through their own diligence on cyber issues.
Companies are losing valuable trade secrets and business intelligence at a staggering rate, with consequences for future revenues and earnings. Intellectual property and other proprietary are the crown jewels of any business. Loss of information about a proprietary information or process to a competitor could reduce profits by hundreds of millions of dollars per year.
Also, corporate transactions that change IT infrastructure and processes can create gaps in information security systems, polices, procedures and safeguards.
Ultimately, investment professionals need to know how to analyze risks and events and determine their impact on valuations and investment decisions. OutSecure understands the financial implications of cyber risk. We help investment professionals assess the impact of cyber risks and events on their work through services including Cyber Risk Briefings and Cyber Diligence. Some of the aspects we examine:
- Type of business
- Physical locations
- Organization charts
- Number of employees
- Computing environment
- Relationship between merger or acquisition entities moving forward