Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

11/10/2020
02:00 PM
Connect Directly
LinkedIn
RSS
E-Mail vvv
50%
50%

Overlooked Security Risks of the M&A Rebound

Successful technology integration, post-merger, is tricky in any market, and never more so than with today's remote work environments and distributed IT infrastructure.

When the ongoing pandemic took root in the US, businesses and entire industries were turned upside down. Unsurprisingly, there was a significant slowdown in the number of tech mergers during the first quarter of 2020. Companies inwardly focused on pressing issues tied to their very survival — understanding market demand changes, countering downward pressures, and right-sizing teams and expenses accordingly.

As we speculate about a new normal, Bain & Co. expects deals will rebound to historic levels in the coming months. Whether it's to improve business efficiencies or access technologies to adapt to the new realities of work, Bain anticipates an uptick in deals in remote IT support, automation, artificial intelligence, and work collaboration tools.

While this should bring new life to companies, mergers and acquisitions will present challenges, as always. Successful post-merger integration is tricky in all markets, and more so in today's remote working environments with increasingly distributed IT infrastructures. Merging companies need to think differently to be successful and maintain network security protocols.

Related Content:

Preventing and Mitigating DDoS Attacks: It's Elementary

The Changing Face of Threat Intelligence

New on The Edge: Bug Bounty Hunters' Pro Tips on Chasing Vulns & Money

Some of the biggest breaches of the last few years have occurred after large companies combined operations. Verizon's acquisition of Yahoo and Marriott's combination with Starwood come to mind, among many others. Often, it's subtle vulnerabilities, issues that have gone undiscovered in company IT environments for months or even years (e.g., unauthorized database access) that go on to create major headaches after the merger. When vulnerabilities go undetected during diligence and parties move quickly to consummate their transaction, serious security risks may be overlooked. In these cases, the number of customers whose private data could be exposed in a breach increases exponentially.

To balance speed and caution, M&A teams must take proactive steps to mitigate security risks throughout the transition phase.

When Companies Merge, Security Risks Multiply
Merging firms are often unaware of security issues or breaches in their networks until it's too late. The burden falls to both parties to perform a thorough cybersecurity assessment before, during, and after their networks are merged.

First, it's vital for all teams across both organizations to establish complete visibility throughout the expanding environment, including data centers, branch offices, cloud applications, and edge devices. This is crucial in order to gain a complete picture of both enterprises and help identify vulnerabilities. Establishing this shared source of information about everything happening on all networks enables businesses to break free from organizational silos that inhibit swift detection and resolution of IT security threats.

The next step is to detect and classify all assets across all environments. In particular, the proliferation of enterprise edge devices and the Internet of Things devices adds another layer of complexity to maintaining a secure infrastructure. Many of the billions of connected devices don't have built-in security measures, increasing their vulnerability to potential distributed denial-of-service or man-in-the-middle attacks.

Behavioral analytics can help mitigate this issue, as it allows security analysts to know when intruders are still present and identify what information has been compromised. Armed with timely information, security teams can detect threats in real time and provide contextualized data for rapid investigation and response.

It's also essential to close security gaps that emerge with cloud infrastructure. The cloud dramatically expands attack surfaces and exposes acquiring companies to myriad new security risks. While cloud service providers are responsible for some aspects of security — specifically, securitizing the cloud environment — customers are responsible for securing the workloads being transferred into and out of their cloud applications.

Misunderstanding this shared responsibility leads to critical security risks. In fact, some of the biggest cloud security threats are "in-house" — misconfigured services and portals, insecure APIs, and unauthorized access, to name a few. Businesses must take inventory of all these potential holes in the security infrastructure as systems are merged. Proactively uncovering and addressing cloud-specific security risks allows acquirers to expedite deals and emerge confident in the security of the integrated networks.

Integrate With Confidence
Cybersecurity attacks during M&A introduces risk and can compromise valuations. When sensitive data is leaked as a result of security lapses, it can damage the reputations of both organizations and cause firms to rethink or revalue transactions. To address these risks, businesses must develop a transition strategy with security top-of-mind. With a clear plan for maintaining security before, during, and after the merger, acquiring companies can uncover and address issues before the damaging effects are felt.

Bill Ruckelshaus is an experienced public company executive with a passion for technology-driven businesses – ranging from VC-backed pre-IPO firms, to profitable companies with $500M + in annual revenue. Bill is a hands-on executive with experience in strategy, ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
NSA Appoints Rob Joyce as Cyber Director
Dark Reading Staff 1/15/2021
Vulnerability Management Has a Data Problem
Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber,  1/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This is not what I meant by "I would like to share some desk space"
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-1303
PUBLISHED: 2021-01-20
A vulnerability in the user management roles of Cisco DNA Center could allow an authenticated, remote attacker to execute unauthorized commands on an affected device. The vulnerability is due to improper enforcement of actions for assigned user roles. An attacker could exploit this vulnerability by...
CVE-2021-1304
PUBLISHED: 2021-01-20
Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information that they are not autho...
CVE-2021-1305
PUBLISHED: 2021-01-20
Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system, gain access to sensitive information, and view information that they are not autho...
CVE-2021-1312
PUBLISHED: 2021-01-20
A vulnerability in the system resource management of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) to the health monitor API on an affected device. The vulnerability is due to inadequate provisioning of kernel parameters f...
CVE-2021-1349
PUBLISHED: 2021-01-20
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct Cypher query language injection attacks on an affected system. The vulnerability is due to insufficient input validation by the web-based management interf...