When a large company seeks to merge with or acquire another company they generally conduct due diligence on the target company’s assets and liabilities, intellectual property and other financial indicators. Companies should also seek to add cybersecurity to their pre-deal due diligence and treat it as an enterprise risk, attorneys recently told Bloomberg BNA.
However, the lack of available personnel to conduct the cybersecurity due diligence is a limiting factor even when the board knows it is an enterprise risk, according to a recent West Monroe Partners/Mergermarket report.
Even as boards were able to identify cybersecurity as an increased threat over the past two years, about one-third (32 percent) of respondents said that there weren’t enough qualified personnel on the deal to detect cybersecurity risks. About 40 percent of respondents discovered a cybersecurity problem after the completed deal, “indicating that standards for due diligence remain low” when there aren’t proper personnel in place.
Certain industries should take cybersecurity due diligence more seriously. Industries that focus on personally identifiable information—health care, banking and financial services—should invest in hiring more cybersecurity professionals because the risk of a reputational and economic harm due to a data breach is much higher, attorneys said.
So if you are a cybersecurity pro looking for a job, put down the classifieds and pick up the business news section and search for companies going through the merger process. They may be hiring.
To keep up with the constantly evolving world of privacy and security sign up for the Bloomberg BNA Privacy and Security Update.
Notify me when updates are available (No standing order will be created).
Put me on standing order
Notify me when new releases are available (no standing order will be created)