Posted by Anupam Mehta on February 23, 2016
Mergers and acquisitions (M&A) between two companies bring a unique synergy that cannot be obtained by one company alone. Along with synergy, M&A bring a lot of things to the table such as:
One of the aspects rarely discussed during M&A is security as it relates to potential risks accompanying the deal.
Mergers and acquisitions are often used synonymously. However, they mean different things. When a target company (or buyer) takes over another company and establishes itself as the owner, this is typically called as an acquisition. A merger, on the other hand, is when two independently owned companies agree to move forward as one unit rather than separately owned or operated entities.
In the words of Gerald Brom:
“Everything comes with a price. Everything. Some things just cost more than others.”
That being said, understand that securing an enterprise too comes at a cost. Early identification of risks, vulnerabilities, and threats for securing the enterprise during M&A helps reduce cost, efforts required to resolve these issues, and maintenance of industry reputation. Security must be taken into consideration as early as possible to avoid any negative ramifications. Here, we’ll define high level security risks that need to be facilitated for a smooth integration between the companies involved in M&A.
The merging or acquisition of two companies requires an in-depth analysis of all different domains of security with respect to both companies. As an example, let’s say two companies (A and B) have similar product lines. Company A acquires Company B. Company A might have a different set of security policies and procedures for deploying an application into production than Company B. The two companies may also have a different risk assessment methodology.
Here’s a glance at the different aspects of security that must be considered during M&A:
Companies involved in M&A can take a few steps to safeguard against various types threats. Here are a few considerations allowing for a smooth integration and the mitigation of potential security risks:
Firms involved in M&A must weigh pros and cons during the process. Thoughtful consideration of the threats, risks, and vulnerabilities that accompany the deal must also be conducted. Consideration of the above controls, involving the right assessor, and a thoughtful decision will reflect a combination of securing your company, securing customer’s data, and securing employees data.
Get the latest AppSec news and trends sent directly to you.