Cybersecurity threats are a major concern for businesses of all sizes, and that challenge can have repercussions when a company puts itself on the selling block. One of the things buyers will want to know is whether the company has had a breach and, if so, how it was handled.
If the business can show it addressed the breach in a satisfactory way and learned from the experience by fixing its security vulnerabilities, its sale value increases, according to 88% of respondents in a new (ISC)² study titled Cybersecurity Assessments in Mergers and Acquisitions. The study reveals that cybersecurity audits are now standard practice in the M&A process.
And the results of those audits have weight: 77% of study participants, all of whom have M&A experience in some capacity, make recommendations on deals based on what the audits reveal. A solid majority of respondents (82%) say the stronger a company’s cybersecurity infrastructure, including soft assets such as risk management policies and security awareness training programs, the higher the value assessed to the organization
In addition, 86% say a publicly reported breach detracts from the acquisition price, although it’s not a deal breaker if the target company handled it properly. Buyers can be forgiving when it comes to breaches they already know about but it’s a different story if a previously undisclosed breach comes to light during M&A discovery.
More than half of respondents (57%) say they have been surprised during the M&A ..
Support the originator by clicking the read the rest link below.
![[Podcast] CVE Numbering, Governance, and Advocacy with Katie Trimble and Chris Coffin](upload/news/image_1569859246_45607188.jpg)
