Private Equity and Cyber Security: The 3 Weak Points

Uploaded on 2015-03-10 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

If you are a private equity general partner, and not directly involved in cyber security, you may well be astonished by how frequent, how persistent and how well organised cyber attacks are. You may well also be surprised that a private equity general partner – as well as its portfolio companies – is of special interest to cyber attackers.

Private equity COOs and managing partners should consider the three main areas of the private equity business model that are susceptible to cyber attack:

1. Acquisitions and disposals

The cyber security threat around corporate finance transactions has already been recognised as a key issue by HM Government. M&A activity is a common target of espionage, ranging from corrupt competitors to foreign intelligence services. During the weeks or months leading up to a change in ownership, organisations on all sides of a deal face a heightened risk of cyber espionage from interested parties seeking to gain competitive advantage in the process.
The timing of these attacks does not necessarily correlate with the deal news going public; they frequently occur before this and it should be assumed that as soon as the idea of a merger or acquisition is discussed – even in private – there is a risk of a compromise. You may therefore wish to operate under the assumption you are at risk at all times, and put in place the necessary measures.

2. Financial information

Private equity firms are at greater risk than most businesses when it comes to higher value fraud attempts via cyber attack. You are likely to hold financial and business information relating to your fund, your portfolio companies and your investors. All of this data has the potential to yield a high value return for an attacker.

3. Erosion of portfolio company valuation

All companies – whether private equity-owned or not – are at risk of cyber attack. We will look in subsequent blogs at which assets within a portfolio are most at risk, but suffice to say that cyber attacks, in particular due to the reputational damage they can cause, can have a tangible effect on company valuation.

A successful private equity general partner understands which risks might undermine success and cyber security is no different. The GP needs to consider the specific cyber threats facing the businesses in their portfolio, and ensure that these risks are being managed. This is not purely a technology challenge, but also involves people, information systems, processes, culture and physical surrounding – A holistic view needs to be taken. Understanding and managing these risks will allow PE to capitalise on the immense opportunity for growth and develop in a digital age.

To get a sense of the sheer scale of corporate cyber crime, I would recommend reading this Financial Times article by Caroline Binham, in which members of our cyber security team discuss the developing battleground of cyber warfare.

http://ow.ly/K6R54

« How you could become a victim of cybercrime in 2015
The Dark Web: anarchy, law, freedom and anonymity »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Delphix

Delphix

Delphix is the industry leader for DevOps test data management.

Association of Information Security Professionals (AISP)

Association of Information Security Professionals (AISP)

The Association of Information Security Professionals (AISP) represents the interests of information security professionals in Singapore.

Comarch

Comarch

Comarch is a provider of IT business solutions to optimize operational and business processes. Cyber security solutions are focused on Identity Management and Security Assessment services.

National Cyber and Information Security Agency (NUKIB) - Czech Republic

National Cyber and Information Security Agency (NUKIB) - Czech Republic

NUKIB is the central Czech government body for cyber security, the protection of classified information in the area of information and communication systems and cryptographic protection.

Block Armour

Block Armour

Block Armour is a Mumbai and Singapore based venture focused on harnessing emerging technologies to counter growing Cybersecurity challenges in bold new ways.

Axence

Axence

Axence provides professional solutions for the comprehensive management of IT infrastructure for companies and institutions all over the world.

Approach

Approach

Approach is a leading provider of cyber security consulting and secure application development services in Belgium.

Wizlynx PTE LTD

Wizlynx PTE LTD

Wizlynx PTE LTD is the Singapore branch of Wizlynx Group located in Singapore, offering Information and Cyber Security Services throughout the entire Asia Pacific (APAC) region.

NeuShield

NeuShield

NeuShield is the only anti-ransomware technology that can recover your damaged data from malicious software attacks without a backup.

SECFORCE

SECFORCE

SECFORCE is a leading information security consultancy specialising in bespoke penetration testing and red team engagements.

Cyber Security Forum Initiative (CSFI)

Cyber Security Forum Initiative (CSFI)

CSFI is a non-profit organization with a mission to provide Cyber Warfare awareness, guidance, and security solutions through collaboration, education, volunteer work, and training.

Logit.io

Logit.io

Logit.io is a log analysis & management platform that provides a scalable solution for hosting the open-source tools Elasticsearch, Logstash, and Kibana.

Digital Silence

Digital Silence

Digital Silence is a world-class provider of information security research and consulting services.

Extreme Networks

Extreme Networks

Since 1996, Extreme has been pushing the boundaries of networking technology, driven by a vision of making it simpler and faster as well as more agile and secure.

Smile Identity

Smile Identity

Smile Identity helps businesses confirm the true identity of their users in real-time using any smartphone or computer.

KTrust

KTrust

KTrust provides Continuous Threat Exposure Management for Kubernetes environments.