In today’s data-driven economy, cybersecurity has become a key risk factor in mergers and acquisitions.

– The American Bar Association

When undertaking an M&A transaction, it is critical to understand the nature, scope and context of the target company’s information management practices, vulnerabilities and defenses to truly assess its value and risks. Our Cybersecurity Due Diligence assessment can help you identify and evaluate cybersecurity and data privacy assets and risks prior to completing a transaction. We provide you with an independent, confidential evaluation of a target company’s cybersecurity sophistication and capabilities. Our Cybersecurity Due Diligence assessment analyzes a target company based on the following factors:

  • Data & IT assets
  • Scope & nature of information processing
  • Federal, state & international legal obligations
  • Cybersecurity & information governance
  • Privacy policies, notices & statements
  • Employee policies & training
  • Third-party service providers
  • Information security controls & protocols
  • Historical cybersecurity incidents
  • Data breach/incident response capabilities