Private Equity and Cyber Security: The 3 Weak Points

Uploaded on 2015-03-10 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

If you are a private equity general partner, and not directly involved in cyber security, you may well be astonished by how frequent, how persistent and how well organised cyber attacks are. You may well also be surprised that a private equity general partner – as well as its portfolio companies – is of special interest to cyber attackers.

Private equity COOs and managing partners should consider the three main areas of the private equity business model that are susceptible to cyber attack:

1. Acquisitions and disposals

The cyber security threat around corporate finance transactions has already been recognised as a key issue by HM Government. M&A activity is a common target of espionage, ranging from corrupt competitors to foreign intelligence services. During the weeks or months leading up to a change in ownership, organisations on all sides of a deal face a heightened risk of cyber espionage from interested parties seeking to gain competitive advantage in the process.
The timing of these attacks does not necessarily correlate with the deal news going public; they frequently occur before this and it should be assumed that as soon as the idea of a merger or acquisition is discussed – even in private – there is a risk of a compromise. You may therefore wish to operate under the assumption you are at risk at all times, and put in place the necessary measures.

2. Financial information

Private equity firms are at greater risk than most businesses when it comes to higher value fraud attempts via cyber attack. You are likely to hold financial and business information relating to your fund, your portfolio companies and your investors. All of this data has the potential to yield a high value return for an attacker.

3. Erosion of portfolio company valuation

All companies – whether private equity-owned or not – are at risk of cyber attack. We will look in subsequent blogs at which assets within a portfolio are most at risk, but suffice to say that cyber attacks, in particular due to the reputational damage they can cause, can have a tangible effect on company valuation.

A successful private equity general partner understands which risks might undermine success and cyber security is no different. The GP needs to consider the specific cyber threats facing the businesses in their portfolio, and ensure that these risks are being managed. This is not purely a technology challenge, but also involves people, information systems, processes, culture and physical surrounding – A holistic view needs to be taken. Understanding and managing these risks will allow PE to capitalise on the immense opportunity for growth and develop in a digital age.

To get a sense of the sheer scale of corporate cyber crime, I would recommend reading this Financial Times article by Caroline Binham, in which members of our cyber security team discuss the developing battleground of cyber warfare.

http://ow.ly/K6R54

« How you could become a victim of cybercrime in 2015
The Dark Web: anarchy, law, freedom and anonymity »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

Watch this webinar and get a comprehensive roadmap for securely adopting generative AI using Amazon Bedrock, a fully managed service that offers a choice of high-performing foundation models (FMs).

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Intercede

Intercede

Intercede is a cybersecurity company specializing in digital identities, derived credentials and access control, enabling digital trust in a mobile world.

National Authority for Electronic Certification and Cyber Security (AKCESK)

National Authority for Electronic Certification and Cyber Security (AKCESK)

AKCESK ensures security for trusted services, in particular reliability and security in electronic transactions between citizens, businesses and public authorities.

Threatspan

Threatspan

Threatspan is a cybersecurity firm helping shipping and maritime enterprises achieve and maintain nautical resilience in an age of increasing cyber threats.

Sayata Labs

Sayata Labs

Sayata delivers a streamlined solution for processing cyber policies. Increase profitability with an easy and intuitive platform.

Transmit Security

Transmit Security

The Transmit Security Platform provides a solution for managing identity across applications while maintaining security and usability.

SecureTech360

SecureTech360

SecureTech360 is a cybersecurity and IT consulting firm whose principals have extensive experience in Cybersecurity and Information Technology.

Trapp Technology

Trapp Technology

Trapp Technology combines the very best cloud, Internet, IT managed services, and IT consulting to provide a true all-in-one IT solution for small to mid-sized businesses.

Everything Blockchain

Everything Blockchain

Everything Blockchain offer solutions that transform enterprise data-management capabilities. Increased efficiency, super-charged performance and all with government grade security.

Zaviant Consulting

Zaviant Consulting

Zaviant Consulting is a leading data security and privacy consulting firm assisting organizations comply with constantly evolving security frameworks and privacy regulations.

Red Access

Red Access

Red Access provides the first SaaS-based platform to protect web browsing from cyber threats on any browser and any in-app while ensuring frictionless user experience.

Indian Cyber Security Solutions (ICSS)

Indian Cyber Security Solutions (ICSS)

Indian Cyber Security Solutions is an Enterprise Cyber Security Platforms company offering Cyber Security & Technical Education and Compliance & Penetration Testing Services.

CryptoNext Security

CryptoNext Security

CryptoNext provides optimal end-to-end post-quantum cybersecurity remediation tools and solutions for IT/OT infrastructures & applications.

ADNET Technologies

ADNET Technologies

ADNET Technologies is a SOC 2, Type II Compliant IT management and cybersecurity firm.

Ignite Cyber

Ignite Cyber

IGNITE Cyber is focused on enabling secure technology adoption through intelligent business decisions. We are focused on providing a secure and stable business environment for everyone.

Cybit

Cybit

Cybit is the one-stop-shop for digital transformation that scales in line with your growth.

Information Security Society of Africa – Nigeria (ISSAN)

Information Security Society of Africa – Nigeria (ISSAN)

The Information Security Society of Africa – Nigeria (ISSAN) is a not-for-profit organization dedicated to the protection of Nigeria’s cyberspace.