Warning: Cybercriminals Target Organizations Going Through M&A Activity

The changing of hands of significant amounts of money is enough reason to get the attention of cybercriminals. So, how can organizations prepare for what should be an expected series of attacks?

Despite COVID, there has been little slowdown in mergers and acquisitions activity. The opportunity to change business strategies, purchase struggling businesses, etc. has led to a wave of M&A activity in the last 18 months. But those transactions involve lots of money, which has cybercriminals looking for ways to take advantage of the situation and find a cyberattack strategy that will yield a big payout. According to global consultancy firm Deloitte’s M&A Trends Survey 2021, the largest concern about executing a deal for over half of organizations (51%) is the threat of cyberattack.

In a recent TechRepublic interview with Jim Crowley, CEO of cybersecurity solutions provider Industrial Defender, discusses why companies undergoing a merger or acquisition are a target. According to Crowley, “If you sold a business to a large company or a private equity firm, they would have a lot more resources to pay up than if you were a smaller stand-alone organization without a strong balance sheet.”

Crowley goes on to discuss how phishing attacks, data breaches targeting intellectual property, and ransomware attacks can all be negatively impactful during an M&A transaction.

Deloitte recently released some guidance on the role of cybersecurity in M&A which includes cybersecurity protection through solutions, cyber resilience capabilities through backups and disaster recovery initiatives, and cyber vigilance through continual monitoring on the part of IT and Security Awareness Training for employees.