50% of M&A Security Concerns are Non-Malicious
More than half of the security incidents related to mergers and acquisitions in 2024 were actually non-malicious, the result of delays in investigations post-integration, challenges with policies and compliance, and difficulties in setting up internal tools, according to a report from ReliaQuest. This shows that assets inherited during M&A activities pose a significant risk.
Interestingly, discussions on cybercriminal forums indicate that threat actors specifically target companies going through M&A processes. They exploit perceived security vulnerabilities while employees are focused on the merger logistics. Cybercriminals view M&A information as valuable for insider trading, blackmail, or other profit-making schemes.
Breaking it down by sector, the manufacturing industry experienced the most M&A-related incidents, making up 42% of customer M&A issues. This could be due to the sector’s reliance on outdated systems that make updates and incident response more complex, especially during a merger.
On the other hand, three sectors each accounted for 8% of M&A incidents: finance and insurance; professional, scientific, and technical services (PSTS); and retail trade. This may be because these industries have strict regulatory requirements and simpler technology integrations.
The report from ReliaQuest highlights the top cybersecurity challenges during M&A processes and provides recommendations to address them:
1. Adjusting to New Compliance Standards: Utilize adaptable security operations platforms to meet different compliance needs across merged entities.
2. Addressing Threats from Inherited Assets: Conduct detailed due diligence to identify vulnerabilities or breaches in inherited systems. Use digital risk protection to identify risks like exposed credentials.
3. Resolving Visibility Gaps in Logging: Use integrated security operations platforms to consolidate logging and monitoring tools for consistent visibility.
4. Consolidating Operational Tools: Streamline security tools while ensuring they are compatible with existing solutions.
5. Improving Threat Response Post-M&A: Enhance threat detection and response processes to reduce the risk of delayed responses.
Looking to the future, ReliaQuest predicts that dealing with cybersecurity in the M&A landscape will become more challenging. Factors like changing regulations, increased cloud adoption, and AI-generated spearphishing attacks from smaller ransomware groups are expected to make cybersecurity in M&A situations even more complex in 2025.