M & A Due Diligence
The merger between an international and US based company required a thorough security review.
The government agency supervising the deal had conducted a routine security assessment as part of the due-diligence. However, the size and complexity of the merger required added review. They needed an expert that understood different security protocols in order to properly evaluate the initial assessment findings. They had to verify the merger would not create any level of a security risk as the two companies integrated their data. There was a quick timeline and high expectations on both sides of the merger.
We reviewed the assessment results and found several issues that created exposure of some of the data, and would have compounded the risk as a result of the merger. Our recommendations had a no-go impact on portions of the merger.
The government agency adopted our recommendations which prevented potential security risks to the US company and beyond.
Outcomes: Better understanding of cyber risk as a result of acquisition