Half of M&A Cyber Audits Uncover Undisclosed Breaches That Derail Deals

Cybersecurity diligence performed prior to a merger or acquisition often uncovers weaknesses in an organization’s security stance, which can spell doom for the company being purchased and a resulted phishing attack.Cyber Security on the Mechanism of Metal Gears.

It appears that a company’s lack of security can make or break an M&A deal. According to the new Cybersecurity Assessments in Mergers and Acquisitions report from (ISC)2, 100% of organizations perform some form of cyber audit of the company being bought.

But a bit more than half (57%) of organizations report finding a previously undisclosed (or potentially unknown) data breach as part of the audit. And nearly half (49%) of organizations have seen a deal be cancelled because of it.

Nearly all organizations (95%) consider cybersecurity to be a tangible asset. In fact, 82% of organizations believe the stronger a company’s cybersecurity infrastructure is, the higher the value assessed to the organization. According to the report, this includes “soft” assets such as risk management policies and security awareness training programs. In contrast, only 63% of organizations factor in IT security tools as assets.

It’s evident from the data that organizations are more focused on the overall cybersecurity stance, as well as the security policies, process, and culture establish rather than the kind and type of security solutions in place.

It’s good to see Security Awareness Training mentioned, as it has the unique potential to stop attacks where all other solutions fail; eventually a malware-laden email, attachment, or webpage is going to reach your users – it’s only Security Awareness Training that can educate the user to both spot the potential threat and reduce the risk of attack by not engaging with it.

Request A Demo: Security Awareness Training

products-KB4SAT6-2-1New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!

Request a Demo!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:


Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews