Cybersecurity Roundup: Forescout, Kudelski, CyberX and Clearedin
… wreak havoc across the network.
Take Marriott for example. Late last year, 500 million Marriott customers had sensitive data stolen by malicious hackers as a result of a vulnerability in a system from Marriott’s acquisition of Starwood in 2016. One thing is clear from this: You don’t just acquire a company; you also acquire its security posture.
CF: How can organizations address cyber risk from connected devices and human error? Does that pose challenges/opportunities for cybersecurity providers?
JC: With the proliferation of IoT devices, set to surpass 20.4 billion by 2020, determining the cybersecurity risks of the devices should be a top priority in any M&A deal. Our survey found that 72 percent of respondents believe IoT devices to be the most vulnerable during an M&A deal. This presents a challenge for organizations to conduct a comprehensive inventory of every acquired device. We find that most organizations aren’t aware of the sheer number of devices connected to their network. That poses a significant risk to the enterprise, which is only heightened when acquiring another company’s plethora of potentially risky devices.
CF: How can cyber risk jeopardize an M&A deal?
JC: In many cases, an undisclosed data breach that’s revealed during diligence can be a deal breaker, forcing companies to take immediate action in M&A strategy. Remediation costs can get expensive, and if that cost outweighs the importance of the merger/acquisition, the deal will inevitably be terminated. There’s also brand reputation to consider, financial impact and general willingness to clean up another company’s mess. While history is not limiting, the key is disclosure and due diligence. Companies must perform due diligence in order to accurately assess any risk associated in any given M&A deal.
CF: What was the most surprising about the survey findings?
JC: Within the survey, one of the most surprising findings was that 53 percent of respondents have encountered a critical cybersecurity issue or incident that ultimately put the deal in jeopardy. Cybersecurity is often overlooked in the M&A diligence process as many acquisitions are often on the fast track.
Furthermore, our survey also found that an overwhelming 93 percent of respondents agree that cybersecurity evaluation is important when making M&A decisions. The history of critical cyber issues is a direct reflection of the company’s ability to mitigate risk. Given the value decision makers place on cybersecurity evaluation, it was only fitting that a majority 73 percent felt that a company with an undisclosed data breach was an immediate deal breaker.
Kudelski Security-Fortinet
Kudelski Security has expanded its device support and management to Fortinet.
Kudelski provides manufacturer support services for vendors like F5 Networks, Juniper Networks and Pulse Secure, and has more than 120 clients across the United States. As part of Kudelski’s service, clients get a premium service for quicker escalation and resolution, including finding, escalating and tracking …