Could acquisitions lead to data attacks?
CHICAGO, May 2, 2014 /PRNewswire/ — Many businesses in a variety of industries, including private equity firms and their portfolio companies, can experience data security breaches. Violations often involve the loss of customers’ personal and credit information, and many times, go far beyond the potential loss of financial information or regulatory penalties. The bad press from a security breach could equate to the loss of thousands, if not millions, of customers. In addition, the greater hit is often in the form of reputation and goodwill erosion, and the possibility of liability suits.
In McGladrey’s Private equity firms may inherit data attacks from acquisitions, there are a few key items a company should consider:
-- The cost of security breaches: There are damaging avenues an attacker might take to access an organization's critical data, such as hacking into corporate bank accounts, extracting sensitive data and sometimes a business' actual account funds. This could not only lead to compromised customer and credit information, but also devastating financial loss for a company. -- Intellectual property concerns: What happens if you own or acquire a company, not knowing its key intellectual property has been compromised? Proper due diligence prior to the deal close is essential to uncover intellectual property impropriety or breach. -- The best defense: A simple assessment of the current state can help an organization understand its security posture, and identify gaps in its security program. -- Questions to consider: Ponder critical questions prior to an acquisition. What is it about the target that makes it of value to you? Is it something that can be stolen or copied? Broken?
As a private equity firm acquiring a new business, could you be held responsible for existing ineffective security strategies, resulting in breaches within the acquired company? Further still, post-deal close, could you encounter challenges related to compromised intellectual property of the acquiring business and resulting aftermath? In a word, yes. You could inherit many of the problems from presale attacks, and pay for these security issues for years, in the way of fines, costly litigation or plummeting revenues.
To learn more, read McGladrey’s Private equity firms may inherit data attacks from acquisitions.