Kroll’s cybersecurity due diligence services help firms across Singapore, Hong Kong, Asia and the world to make fully informed M&A decisions
Figure 1: sample cybersecurity due diligence steps in pre- and post-transaction
Even Sophisticated Companies Can Be Unprepared
An acquisition target may have a great product, an efficient sales team, and a solid balance sheet. But to assess a target company’s cybersecurity risk, investors should not rely on self-disclosures alone to provide all the relevant information.
Organisations looking to be acquired can use positive findings or prompt remediation from Kroll’s assessments – especially Modules 3 and 4 – to demonstrate the company’s value and alleviate potential buyers' concerns.
Cybersecurity Due Diligence Overview
Kroll's independent cyber due diligence services can verify whether a target company’s cybersecurity history or current posture add undue risks to the value of an acquisition. Our experts can identify material data security weaknesses that need to be addressed to avoid or properly consider post-transaction risks, fines, and remediation costs. Our services include:
Pre- and Post-Transaction Services
Kroll offers four customisable cyber due diligence modules to help identify, assess, and manage data security risks, both pre- and post-transaction. Each module can be tailored to a unique transaction, and companies can utilise a combination of services based on their specific risk concerns, deal speed, and access to the target company.
For organisations seeking to be acquired, positive findings or timely remediation based on these assessments – especially Modules 3 and 4 – can allay potential buyers’ concerns and accelerate a deal's close.
Module #1 – Deep and Dark Web Exposure
With Kroll's CyberDetectER® DarkWeb – which contains more than 13 years of indexed dark web data, with more than 3 million files added every day – we can conduct a deep and dark web assessment with unparalleled scope. Using this proprietary resource, our experts will quickly and efficiently identify any exposed data or previously unknown breaches without needing to access the target company’s network.
Module #2 – Compromise Assessment*
Our team can deploy Kroll Responder across all endpoints in a target company to search and monitor for malicious and unusual behaviours. Kroll's cybersecurity experts will be ready to respond and contain threats if endpoint data identifies any malware or infection points.
Module #3 – Cyber Risk Assessment
Our experts perform risk assessments using Kroll's proprietary methodology developed over years of incident response and investigation work. We also adapt assessments to ensure compliance with any industry-specific standards or regulations, including ISO, NIST, PCI-DSS, HIPAA/HITECH, GLBA, and CIS. Our framework produces agile assessments that need only minimal input from the target company. They can also be adapted for deeper review if access to internal systems is granted.
Module #4 – Vulnerability Assessment / Penetration Testing
Kroll's professional penetration testing teams will simulate real-world cyberattacks to examine systems for vulnerabilities and assess employee awareness through social engineering exercises. These tests provide valuable insight into the real-world risks a company faces and are often conducted pre-transaction by those seeking to be acquired or immediately post-transaction by the purchasing organisation.
Case Study: Agile Cyber Due Diligence for Global Investment Firm
A leading global investment firm managing over $150 billion in assets was concerned about the increased risks associated with data security and privacy incidents. It sought Kroll’s help to establish a cybersecurity due diligence framework to assess the maturity of potential M&A targets.
Given the speed of investments and limited access to internal systems, the firm needed its cyber due diligence framework to be as accurate as possible within tight time constraints.
Solution:
Kroll’s Cyber Risk experts developed a framework based on the CIS Top 20 Critical Security Controls™ to assess a company’s vulnerability to data breaches and overall cyber defense posture. The agile evaluation instrument provided a general overview and included three core elements:
Impact:
Once implemented, Kroll’s cybersecurity due diligence framework could produce useful results for the investment company’s information security team within two hours. For each deal, the tool provided the crucial insights needed for a more informed valuation.
Key Deliverables
Regardless of the modules selected for the cyber due diligence process, Kroll’s experts offer clients the assistance they need to properly assess the risks associated with a potential acquisition. Deliverables from each assessment include a thorough analysis of the organisation's security posture and will help our clients develop a successful integration plan based on our expert guidance.