Key Things You Should Know About Cyber Due Diligence During M&A Transactions

Key Things You Should Know About Cyber Due Diligence During M&A Transactions

Major cyber-attacks, like the one that targeted the Colonial Pipeline in May of 2021, may seem new and newsworthy to many. The reality is that the fuel service slowdowns Colonial faced are just one of the countless incidents that reduced or even stopped business altogether for firms across the country last year.

Key things you should know about cyber due diligence during M&A transactions

Cybersecurity due diligence represents a critical phase in the M&A transaction lifecycle. Without proper review, something that seems insignificant like an old computer system or the lack of proper security controls could cause problems during the integration phase or even prevent a close altogether. Understanding a company’s cyber risk profile can have large implications on the valuation of a company, the nature of the terms, and the future likelihood of a cyber-attack being catastrophic or not.

The cyber due diligence process begins by looking at the current coverages a company has. The loss history is assessed, and any prior breaches are examined. Understanding the current cyber risk exposures as well as the history of losses then aids in structuring the cyber due diligence that will cover the buyer if anything were to happen in the future.

Often, when cyber due diligence is left for last or overlooked entirely, the sell-side company will say they have adequate controls in place, and there should be no cause for concern. Then, years later, a loss occurs, and the buyer is left paying massive fees to fix the problem themselves. In cases like these, a different program called Representations and Warranties Insurance (RWI) could be added to provide excess coverage over the existing cyber policy. These decisions ultimately shape the profitability of the transaction as a whole.

Obtaining cyber due diligence as early in the process as possible ensures that the buy-side company will not have to deal with these issues. Having the cyber be a point of focus earlier rather than later in the due diligence process enables your broker to negotiate a tail that will cover future losses that result from past issues that go undiscovered.

Reach out to a BKS Advisor in our Private Equity Practice Group to discuss your unique risks and how we
can help.

Individuals and companies who need help navigating the complexities of insuring their assets should lean on experts who have proven success in helping clients get the coverage they need, even in a hard market. Contact us today to learn more about how we can help you assess your risk profile and protect your assets and investments.

DISCLAIMER

This material has been prepared for informational purposes only and was generated from information provided to BKS from the client and/or third-party sources. Therefore, BKS makes no warranty or representation(s) as to the accuracy or appropriateness of the data and/or the analysis herein. This information is not intended to provide, and should not be relied on for, tax, legal or accounting advice. You should consult your tax, legal and accounting advisors for those services

No Comments yet!

Table of Contents

Hurricane image
Post Hurricane Ian Resources
We are thinking of you as you prepare to face the challenges posed by Hurricane Ian. We hope that you...
BKS PRM high net worth assets
Protecting high-net-worth assets amid current challenges
Effective Strategies to Help Overcome them Rising inflation, high insurance rates, and massive lawsuits...
Seasonal Friend
Maximizing Your Relationship with Your Broker
So you decided to work with a broker to make the insurance purchasing process as seamless as possible....
Get in contact with an advisor today to see how BKS can support you.