© Copyright Acquisition International 2026 - All Rights Reserved.

Article Image - Current Approach to Due Diligence  Requires Rethink
Posted 30th April 2015

Current Approach to Due Diligence Requires Rethink

Completing a corporate transaction without rigorous financial due diligence is unthinkable. Yet, despite numerous well publicised incidents of cybercrime, investors remain blasé about the potential impact of cyber risks on long term value.

Mouse Scroll AnimationScroll to keep reading

Let us help promote your business to a wider following.

Current Approach to Due Diligence Requires Rethink
Image

Current Approach to Due Diligence Requires Rethink

Completing a corporate transaction without rigorous financial due diligence is unthinkable. Yet, despite numerous well publicised incidents of cybercrime, investors remain blasé about the potential impact of cyber risks on long term value.

Deals continue to be made without understanding the potential impact of this ticking time bomb, which U.S. Deputy Treasury Secretary Sarah Bloom Raskin has warned could be “the most pressing operational risk of our time”.

Hackers are becoming increasingly adept not only at penetrating networks, but also avoiding detection once inside corporate systems. Indeed, most significant breaches are uncovered, only after cyber criminals have been lurking inside corporate systems for weeks or months.

To understand the value of an investment and reduce the likelihood of a future catastrophic event, companies and their advisers must ensure cyber resilience is assessed alongside other strategic criteria, before a deal is completed. Leaving a review until after a deal has been signed is a very significant mistake.

A security assessment starts with a wide-ranging review, carried out by an external third party. However, just because the security review is being done at the same time as a financial review, it must not be confused with an audit. It is crucially important for investors to avoid the all-too-common pitfall of treating the security assessment as a checklist audit of security systems. Such an IT audit often does nothing more than confirm that a company meets a certain predefined infrastructure standard. It almost never considers the actual circumstances in which a company operates and tends to ignore the risks that are unique to each company, even though those risks cause the greatest vulnerability. Instead, a proper security assessment must be a customised and risk-focused review, aimed at understanding actual risks and suggests bespoke risk mitigation options.

In addition to identifying security gaps in hardware and software used by a company, a security review will determine the extent to which security is seen as a companywide priority. Everyone involved in using the IT systems has a crucial role to play. Therefore, an important part of good security is ensuring that employees are knowledgeable about their role in protecting company data and do not become the weak link in the security chain. Individuals must be taught to be vigilant about their behaviours, which will make it more difficult for attackers to catch someone unaware. Users also need to understand what to do if they suspect a problem with their computers or activities.

Careless executives or employees represent a significant risk to cyber security, according to a poll of US companies. The Stroz Friedberg ‘On the Pulse: Information Security Risk in American Business’ survey found that a key challenge for companies is to strengthen cyber security awareness among top executives. The survey found that 87% of senior managers regularly use personal email or cloud account to work remotely, placing such information at a much greater risk of being breached. More than half (58%) of senior management also reported that they had accidentally sent sensitive information to the wrong recipient, compared to just one quarter of workers overall.

The strategy to protect information must recognise also that cyber security extends beyond the data held directly by an enterprise. Key assets, including commercial contracts, intellectual property and strategic plans, are commonly held by third parties involved, such as financial or legal advisers. A determined hacker will not only aim to penetrate a corporate network but also target the company’s legal advisers, consultants suppliers and anyone else likely to have valuable information. Corporates must, therefore, ensure their lawyers, brokers, accountants and suppliers are also secure. Indeed, both the UK and US governments have specifically warned law firms that they are the targets of sophisticated hackers and must be better prepared to defend their networks.

Senior executives and their professional advisers can no longer be blind to cyber risks. As such threats become increasingly commonplace and costly, the resilience of the entire supply chain, including financial and legal advisers, must be addressed, so that the long-term value of an investment can be safeguarded from the very beginning.

Seth Berman is executive managing director of Stroz Friedberg, an investigations, intelligence and risk management company. 

Categories: M&A, Strategy


You Might Also Like
Read Full PostRead - Eye Icon
FairMedOnline Expands
M&A
07/11/2016FairMedOnline Expands

Caremondo is a full-service global platform for high-quality medical travel. It allows patients to compare and book medical, dental, and aesthetic treatments abroad in more than 160 accredited partner healthcare facilities in over 20 countries worldwide.

Read Full PostRead - Eye Icon
The Global Tax [r]Evolution
Finance
14/10/2015The Global Tax [r]Evolution

One of the consequences of operating in an increasingly globalised and digitalised world, is that borders blur and taxing rights between countries become a hotly contested topic.

Read Full PostRead - Eye Icon
Huddle : The Company Making Collaboration Simple and Secure
Innovation
09/09/2019Huddle : The Company Making Collaboration Simple and Secure

Founded in 2006, Huddle is a privately held cloud-based collaboration software company that is headquartered in London, with additional offices in San Francisco,

Read Full PostRead - Eye Icon
Navigating the Legal Landscape of Noncompete Agreements in M&A
Legal
20/05/2025Navigating the Legal Landscape of Noncompete Agreements in M&A

While not every buyout or merger includes noncompetes, understanding how to approach these clauses can be critical to successful deal-making.

Read Full PostRead - Eye Icon
All Your Currency – In Our Superapp!
News
15/06/2023All Your Currency – In Our Superapp!

Sydney-based company Bano SuperApp (Bano) allows customers to spend, pay, save, and invest, all from one virtual account. Designed for millennial and gen-z clients, the Bano superapp features a range of local, and global, financial offerings on one integrated

Read Full PostRead - Eye Icon
Empowering Women in Finance and Demystifying the Landscape As Saxo Sees 57% Surge in Female Clients Following Lower Pricing Strategy
Finance
07/03/2024Empowering Women in Finance and Demystifying the Landscape As Saxo Sees 57% Surge in Female Clients Following Lower Pricing Strategy

As the financial sphere continues to be rocked by the effects of lockdowns, subsequent supply chain disruptions, an energy crisis and the long-forgotten notion of inflation, Camilla Dahl Hansen, Chief Experience Officer at Saxo Bank, argues now is the time to

Read Full PostRead - Eye Icon
5 Ways AI Is Outperforming Experts
Innovation
07/03/20225 Ways AI Is Outperforming Experts

With DeepMind claiming that its AI system – AlphaCode – can “write computer code at a competitive level,” a milestone may have been reached. The ability of a machine to match the coding skills typical of human intelligence, if true, represents a moment

Read Full PostRead - Eye Icon
The Role of Legal Expertise in Securing Fair Compensation After Major Transport Incidents
News
08/04/2024The Role of Legal Expertise in Securing Fair Compensation After Major Transport Incidents

When a semi-truck incident shatters the rhythm of daily life, the path to justice is often entangled in complex legal frameworks. A specialist’s grasp on this multifaceted process is not a luxury but a necessity. Corporations and victims find themselves

Read Full PostRead - Eye Icon
Private vs Public Cloud: Pragmatism Over Hype
News
15/10/2025Private vs Public Cloud: Pragmatism Over Hype

There are few debates in modern IT quite as enduring as Private vs Public Cloud. Public promises limitless scale, innovation at speed, and global reach. Private promises control, sovereignty and predictability.



Our Trusted Brands

Acquisition International is a flagship brand of AI Global Media. AI Global Media is a B2B enterprise and are committed to creating engaging content allowing businesses to market their services to a larger global audience. We have a number of unique brands, each of which serves a specific industry or region. Each brand covers the latest news in its sector and publishes a digital magazine and newsletter which is read by a global audience.

Arrow