Cyber Security Concerns when Acquiring a Company
Buying a Company? Better keep a Close Eye on Cyber Security Measures in the Acquisition Target!
You’ve finally decided to buy that company you’ve been eyeing for so long. Your Due Diligence has poured over endless reams of financial data. You’ve looked at overlapping markets and customer base. The product or service, once absorbed into your operation, will be a strategic fit. Only one thing left to do, right? If your answer is cut the check, you’ve left out one of the most important business consideration in today’s rapidly evolving business world. What about the Cyber Security in place with the acquisition target? You need to analyze the threat of harm from unhappy employees who may feel they’re not getting what they deserve or from enterprising criminals who want to profit. Cyber Security is very important. Before you jump right in, consider the following issues:
Security and Data Privacy:
- Does the organization have a security policy that is documented and enforced?
- Does the organization have a data policy that is documented and enforced?
- Does the organization have an incident response policy that has been tested in the last year?
Patching and Change Management Policies:
- Are systems in the target company’s enterprise kept up to date with security patches?
- Are they only running vendor supported operating systems and applications?
- Does the organization have a strong change management process and do they enforce that process?
- Does the target regularly, (at least annually) have a third party audit of its IT processing procedures?
- Does the target have third party penetration testing of its network and systems security?
- Does the organization rely on cloud based services? Does the target company know the countries in which the cloud provider stores, transmits and processes its data?
These are questions that must be included in any Due Diligence investigation of a potential acquisition company, along with all the remaining Due Diligence analyses. The threat of cyber crime, unauthorized intrusion and hacks are too great to ignore these issues.
With over 30 years’ experience in advising businesses, let Boznos Law work with you to ensure you are ready to meet the challenges posed by the business environment. Call Bill Boznos today at (630) 375-1958 or contact us through our website.