Cyber due-diligence ahead of Mergers and Acquisitions (M&As) now includes cyber assessment as part of the pre-acquisition checklist and during the merging of the two companies' networks.
It is critical to ensure that the target company's intellectual property and “know-how” have not been compromised or copied by a potential competitor or nation-state.
The integration of two networks exposes companies to considerable risks, making organisations undergoing M&As a prime target for cyber-criminals. Until recently, most companies merged networks with little-to-no cyber due-diligence conducted on the target network before, during or after the acquisition. Acquiring companies previously focused on due diligence with regards to financial and legal fundamentals.
MACOM, a leading semiconductor manufacturer supplying over 3,500 products across 40 different product lines, is one company that has begun including cyber due-diligence in its M&A programme. “In today's cyber-environment, companies can never be too vigilant given the increasing complexity of cyber-threats in M&A deals,” said Robert Dennehy, SVP, MACOM in a press release sent to SC Media UK.
MACOM recently leveraged Darktrace's Enterprise Immune System to inspect the child network for any policy discrepancies that would prolong the merging of the two networks. The technology allowed MACOM “to identify and remediate these differences before connecting the two networks, thus mitigating potential integration risks,” added Dennehy.
In the same release, Nicole Eagan, CEO of Darktrace noted that, “modern M&A practices need to include a realisation that companies are also acquiring past, present, and even future cyber-threats. Boards of directors are paying more attention to their cyber-security posture, and companies need to ensure they take rigorous action.”