Ever been curious about how cybersecurity affects mergers and acquisitions? You should be.
A new survey from (ISC)2 reveals that the quality of cybersecurity at a company being purchased is a significant M&A consideration and can impact whether the purchase goes through.
Cybersecurity in M&A is becoming crucial
According to experts in M&A, it often takes more than verifying a company's financials to get full sign-off in acquiring a company.
Now, it's also about verifying the security posture of the organization.
(ISC)2 surveyed 250 voices in the world of M&A about cybersecurity audits and how important they are for business decisions.
"The research shows that the inclusion of a cybersecurity audit in M&A does more than simply fulfill a requirement or serve as window dressing. M&A experts pay close attention to cyber audit results—and take them into account to make decisions."
Cybersecurity in M&A: 4 key findings
The survey identifies four key findings when it comes to cybersecurity and M&A decisions. Incredibly, 49% of the M&A experts surveyed say the discovery of a previously undisclosed data breach would derail a merger or acquisition.
Cybersecurity in M&A: incident response matters
According to the survey, it is incident response.
"For most respondents (86%), a publicly reported breach detracts from the acquisition price. But it's not a deal breaker, if the company can demonstrate it handled the breach appropriately and took steps to prevent further incidents.
If the company addressed the breach satisfactorily, fixed its security vulnerabilities and paid its fines (when applicable), 88% say the company's value increases."
Check out the full report here.