Warning that weak cyber security is putting M&As at risk

A leading East Midlands cyber security company has warned businesses looking to make an acquisition, agree a merger or simply make a private equity investment to ensure that a thorough Cyber Due Diligence Audit is undertaken as part of the other checks.

Dr Rona Mackenzie at KyptoKloud stressed that cyber security must be at the forefront of all directors’ minds, particularly as the rate and impact of cyber crime increases exponentially, and this is particularly true as you embark on a merger or acquisition.

In 2018, Gartner reported that by 2022, 60 per cent of organisations engaging in M&A activity will consider cybersecurity posture as a critical factor. However, 65 per cent of companies in M&A activity experienced regrets in making a deal due to cybersecurity concerns.

When you enter M&A or investment activity, you’ll undoubtedly be asked these questions:

How secure is your business? And your supply chain?

What evidence do you have to prove your and their resilience?

How do you balance your appetite for risk with your financial investment in security solutions?

What steps are you taking to further strengthen your business, given that the cyber threat landscape is constantly evolving?

Your cyber resilience, or lack of it, will have a significant impact on business value. By considering your cyber risks and proactively planning to reduce them, you can avoid future overspending on security and maximise the return on investment, while ensuring that the ever-increasing threat of a future hack or a ransomware attack is minimised.

Why does cyber security matter in M&A or investment activity? Negotiate with confidence.

By undertaking a rigorous cyber due diligence audit, you will uncover current and potential security risks and liabilities. This enables you to identify the costs for remediation and create strategic plans that demonstrate how you will secure your business now, and in the future, and balance investment in technology with the development of people and processes. This will support your M&A or investment negotiations and help establish whether the business is equipped to deliver on your deal thesis.

Optimise your integration or separation plans

During mergers, it is vital to proactively examine the cyber security challenges you may face in the integration of an entity. Through collaboration, you can build and execute a robust, secure and cost-effective plan that supports wider strategic objectives and maintains, or enhances, the cyber resilience of the organisation.

Undisclosed breaches are a deal breaker for most companies

Typically, businesses are reluctant to publicly share the details of a cyber or data breach. However, honesty during the deal process is vital, along with clear evidence of the proactive steps the organisation has taken to remediate and strengthen their cyber security.

Consider your supply chain security

The value of a business is intrinsically related to suppliers and the value of the contracts held. It is vital to have confidence in the security of the supply chain, a factor overlooked by most businesses. This is needed to prove your cyber strength, to give confidence to key contracts and future investors.

Maximise your return on investment

A clear, consistent message on cyber security that stands up to buyer scrutiny will help you achieve maximum value and limit any delays in the deal process.

Where do we start?

97 per cent of organisations allocate third party resources to cyber security assessments, as most internal IT teams lack the skills to conduct them (Forescout, 2019). At KryptoKloud, our dedicated cyber team can help you understand the cyber risks of your organisation, and your supply chain, using our COBRA cyber due diligence audit.

It is currently used by leading Private Equity companies as a key component of their due diligence activity. KryptoKloud combines technical and business risk expertise to clearly explain the holistic cyber security risks and opportunities in the context of the M&A and investment activity.

We provide tailored, specialist advice and deliver insight that can inform investment decisions, practical action, and remediation plans. Make a sound investment today by investing in COBRA. Find out more by emailing Dr Rona Mackenzie at [email protected]


Better directors for a better world

The IoD supports directors and business leaders across the UK and beyond to learn, network and build successful, responsible businesses.
Internet Explorer
Your web browser is out of date and is not supported by the IoD website. It is important to update your browser for increased security and a better web experience.