Broker Check

Cyber Risk in Mergers and Acquistions

May 14, 2020

Changes in the economy due to the pandemic are forcing many businesses to re-evaluate their operations. For some this will lead to mergers or acquisitions. As noted by cyber security consulting firm Halock, cyber security is an essential part of evaluating the costs and benefits of a transaction.

As part of due diligence organizations must consider:

  • Involvement of directors and officers in cybersecurity. The Cybersecurity Disclosure Act requires public companies to report the cybersecurity expertise, if any, of board members.
  • Current controls, devices and duty of care.
  • How the network is protected.
  • Incident response - how long it took to detect a breach, how well was the recovery.
  • Policies and procedures including the business continuity plan.
  • Cyber security awareness training of employees.
  • Ongoing costs of any prior data breach, including reputation impact.

The full post is on