Value realization is usually at the forefront of mergers and acquisitions (M&A). Cyber threats, on the other hand, are quite real. Cyber-risk exposure has the potential to dramatically impact post-merger valuations, given data privacy restrictions and obligatory breach disclosure legislation. Acquiring companies should include the cost of cyber risk as part of their deal strategy when evaluating the worth of a potential acquisition.
According to a 2021 report by Deloitte, “Role of cybersecurity in M&A”, by 2022, around 60% of companies will view cybersecurity posture as a crucial component in their due diligence process during any M&A.
Mergers and acquisitions broaden the attack surface by bringing in a new set of users who are not familiar with the acquiring company’s security program. They also combine IAM infrastructure, rules, and administrative processes that may or may not adhere to the same cybersecurity requirements.
And if both organizations rely on active directories (AD), the possibility for vulnerability is greater. Because of inherent security gaps (because of its age) and misconfigurations that have accumulated over time, AD is a soft target for cyber-attacks. Bringing two companies’ active directory configurations together in a way that allows them to do business securely can be a difficult task that requires a collaborative effort from both IT and security teams.
It takes time and resources to assess M&A cybersecurity risks
To avoid potential attacks, giving teams the time and resources they need to perform a complete analysis of cybersecurity risks, is crucial. Maintaining and improving cybersecurity prior to, during, and after M&A activity necessitates the following:
As part of due diligence, a strategic approach for examining the new acquisition’s active directory vulnerabilities: Assessing the security posture on both sides of the merger should be a continuous review of new risks and indicators of vulnerability or compromise, not just a one-time exercise to finalize the deal. Furthermore, regular security evaluations will aid in the detection of potentially dangerous misconfigurations or malicious changes.
Traditional logging systems don’t provide visibility into advanced AD attacks: Although the acquiring or acquired organization may have SIEMs or other threat detection technologies, some attack methods get through them. Consider whether the present solutions of the merged organization can catch changes even if security logging is deactivated, logs are erased, agents are disabled or stop working, or harmful changes are introduced directly into AD.
Confidence that a newly acquired company’s AD forest can be recovered if it is attacked: Either the acquiring or acquired company may have a well-developed disaster recovery strategy. However, if it isn’t cyber-resilient — that is, if attackers infect or wipe out all of the company’s domain controllers – then the entire amalgamated organization’s business operations are at risk.
The cybersecurity risks of merging two firms are legitimate concerns for companies on the M&A path. During the transition period, when every cybersecurity process, protocol, and assumption will be tested, a carefully crafted plan for identity and access management between the two businesses is crucial to keep cyber attackers at bay.
For more such updates follow us on Google News ITsecuritywire News