Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

02:00 PM
Connect Directly
E-Mail vvv

Overlooked Security Risks of the M&A Rebound

Successful technology integration, post-merger, is tricky in any market, and never more so than with today's remote work environments and distributed IT infrastructure.

When the ongoing pandemic took root in the US, businesses and entire industries were turned upside down. Unsurprisingly, there was a significant slowdown in the number of tech mergers during the first quarter of 2020. Companies inwardly focused on pressing issues tied to their very survival — understanding market demand changes, countering downward pressures, and right-sizing teams and expenses accordingly.

As we speculate about a new normal, Bain & Co. expects deals will rebound to historic levels in the coming months. Whether it's to improve business efficiencies or access technologies to adapt to the new realities of work, Bain anticipates an uptick in deals in remote IT support, automation, artificial intelligence, and work collaboration tools.

While this should bring new life to companies, mergers and acquisitions will present challenges, as always. Successful post-merger integration is tricky in all markets, and more so in today's remote working environments with increasingly distributed IT infrastructures. Merging companies need to think differently to be successful and maintain network security protocols.

Related Content:

Preventing and Mitigating DDoS Attacks: It's Elementary

The Changing Face of Threat Intelligence

New on The Edge: Bug Bounty Hunters' Pro Tips on Chasing Vulns & Money

Some of the biggest breaches of the last few years have occurred after large companies combined operations. Verizon's acquisition of Yahoo and Marriott's combination with Starwood come to mind, among many others. Often, it's subtle vulnerabilities, issues that have gone undiscovered in company IT environments for months or even years (e.g., unauthorized database access) that go on to create major headaches after the merger. When vulnerabilities go undetected during diligence and parties move quickly to consummate their transaction, serious security risks may be overlooked. In these cases, the number of customers whose private data could be exposed in a breach increases exponentially.

To balance speed and caution, M&A teams must take proactive steps to mitigate security risks throughout the transition phase.

When Companies Merge, Security Risks Multiply
Merging firms are often unaware of security issues or breaches in their networks until it's too late. The burden falls to both parties to perform a thorough cybersecurity assessment before, during, and after their networks are merged.

First, it's vital for all teams across both organizations to establish complete visibility throughout the expanding environment, including data centers, branch offices, cloud applications, and edge devices. This is crucial in order to gain a complete picture of both enterprises and help identify vulnerabilities. Establishing this shared source of information about everything happening on all networks enables businesses to break free from organizational silos that inhibit swift detection and resolution of IT security threats.

The next step is to detect and classify all assets across all environments. In particular, the proliferation of enterprise edge devices and the Internet of Things devices adds another layer of complexity to maintaining a secure infrastructure. Many of the billions of connected devices don't have built-in security measures, increasing their vulnerability to potential distributed denial-of-service or man-in-the-middle attacks.

Behavioral analytics can help mitigate this issue, as it allows security analysts to know when intruders are still present and identify what information has been compromised. Armed with timely information, security teams can detect threats in real time and provide contextualized data for rapid investigation and response.

It's also essential to close security gaps that emerge with cloud infrastructure. The cloud dramatically expands attack surfaces and exposes acquiring companies to myriad new security risks. While cloud service providers are responsible for some aspects of security — specifically, securitizing the cloud environment — customers are responsible for securing the workloads being transferred into and out of their cloud applications.

Misunderstanding this shared responsibility leads to critical security risks. In fact, some of the biggest cloud security threats are "in-house" — misconfigured services and portals, insecure APIs, and unauthorized access, to name a few. Businesses must take inventory of all these potential holes in the security infrastructure as systems are merged. Proactively uncovering and addressing cloud-specific security risks allows acquirers to expedite deals and emerge confident in the security of the integrated networks.

Integrate With Confidence
Cybersecurity attacks during M&A introduces risk and can compromise valuations. When sensitive data is leaked as a result of security lapses, it can damage the reputations of both organizations and cause firms to rethink or revalue transactions. To address these risks, businesses must develop a transition strategy with security top-of-mind. With a clear plan for maintaining security before, during, and after the merger, acquiring companies can uncover and address issues before the damaging effects are felt.

Bill Ruckelshaus is an experienced public company executive with a passion for technology-driven businesses – ranging from VC-backed pre-IPO firms, to profitable companies with $500M + in annual revenue. Bill is a hands-on executive with experience in strategy, ... View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Cyberattacks Are Tailored to Employees ... Why Isn't Security Training?
Tim Sadler, CEO and co-founder of Tessian,  6/17/2021
7 Powerful Cybersecurity Skills the Energy Sector Needs Most
Pam Baker, Contributing Writer,  6/22/2021
Microsoft Disrupts Large-Scale BEC Campaign Across Web Services
Kelly Sheridan, Staff Editor, Dark Reading,  6/15/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-06-23
Vulnerability in OpenGrok (component: Web App). Versions that are affected are 1.6.7 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise OpenGrok. Successful attacks of this vulnerability can result in takeover of OpenGrok. CVSS 3.1 ...
PUBLISHED: 2021-06-23
A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure vulnerability.
PUBLISHED: 2021-06-23
A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have administrator privileges to exploit this vulnerabilities.
PUBLISHED: 2021-06-23
Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file.
PUBLISHED: 2021-06-23
Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file.