Private Equity and Cyber Security: The 3 Weak Points

Uploaded on 2015-03-10 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

If you are a private equity general partner, and not directly involved in cyber security, you may well be astonished by how frequent, how persistent and how well organised cyber attacks are. You may well also be surprised that a private equity general partner – as well as its portfolio companies – is of special interest to cyber attackers.

Private equity COOs and managing partners should consider the three main areas of the private equity business model that are susceptible to cyber attack:

1. Acquisitions and disposals

The cyber security threat around corporate finance transactions has already been recognised as a key issue by HM Government. M&A activity is a common target of espionage, ranging from corrupt competitors to foreign intelligence services. During the weeks or months leading up to a change in ownership, organisations on all sides of a deal face a heightened risk of cyber espionage from interested parties seeking to gain competitive advantage in the process.
The timing of these attacks does not necessarily correlate with the deal news going public; they frequently occur before this and it should be assumed that as soon as the idea of a merger or acquisition is discussed – even in private – there is a risk of a compromise. You may therefore wish to operate under the assumption you are at risk at all times, and put in place the necessary measures.

2. Financial information

Private equity firms are at greater risk than most businesses when it comes to higher value fraud attempts via cyber attack. You are likely to hold financial and business information relating to your fund, your portfolio companies and your investors. All of this data has the potential to yield a high value return for an attacker.

3. Erosion of portfolio company valuation

All companies – whether private equity-owned or not – are at risk of cyber attack. We will look in subsequent blogs at which assets within a portfolio are most at risk, but suffice to say that cyber attacks, in particular due to the reputational damage they can cause, can have a tangible effect on company valuation.

A successful private equity general partner understands which risks might undermine success and cyber security is no different. The GP needs to consider the specific cyber threats facing the businesses in their portfolio, and ensure that these risks are being managed. This is not purely a technology challenge, but also involves people, information systems, processes, culture and physical surrounding – A holistic view needs to be taken. Understanding and managing these risks will allow PE to capitalise on the immense opportunity for growth and develop in a digital age.

To get a sense of the sheer scale of corporate cyber crime, I would recommend reading this Financial Times article by Caroline Binham, in which members of our cyber security team discuss the developing battleground of cyber warfare.

http://ow.ly/K6R54

« How you could become a victim of cybercrime in 2015
The Dark Web: anarchy, law, freedom and anonymity »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Rapid7

Rapid7

Rapid7 unites cloud risk management and threat detection to deliver results that secure your business and ensure you’re always ready for what comes next.

Lakeside Software

Lakeside Software

Lakeside Software is how organizations with large, complex IT environments can finally get visibility across their entire digital estates and see how to do more with less.

MarQuest

MarQuest

MarQuest provides services and systems to enhance network reliability and security.

CERT-SE

CERT-SE

CERT-SE is the national and governmental Computer Security Incident Response Team of Sweden.

CyberPolicy

CyberPolicy

CyberPolicy is a cyber protection solution for small businesses. It combines three important components against cyber threats - Cyber Plan, Cybersecurity and Cyber Insurance.

CionSystems

CionSystems

CionSystems provides identity, access and authentication solutions to improve security and streamline IT infrastructure management.

Aviva

Aviva

Aviva provides Cyber Liability cover for small to mid-market customers to help combat the threat of data and privacy breach.

HYPR

HYPR

HYPR Decentralized Authentication minimizes the risk of enterprise data breaches while providing an enhanced user experience for your customers and employees.

BrandShield

BrandShield

BrandShield is an anti-counterfeiting, anti-phishing and online brand protection solution.

Hawk Network Defense

Hawk Network Defense

HAWK.io is the First Fully Automated, Multi-Tenant, Cloud-Based, MDR Service Company.

Cyber Griffin

Cyber Griffin

Founded by the City of London Police in 2017, Cyber Griffin is an initiative that supports businesses and individuals in the Square Mile to protect themselves from cyber crime.

Allied Telesis

Allied Telesis

Allied Telesis delivers the secure, flexible, and agile solutions needed to meet the expectations of any industry’s critical mission.

Mobileum

Mobileum

Mobileum is a leading provider of Telecom analytics for roaming, security and risk management and end-to-end domestic and roaming testing solutions.

comforte AG

comforte AG

comforte AG is a leading provider of data-centric security technology. Organizations worldwide rely on our tokenization and format-preserving encryption capabilities to secure personal, sensitive data

NANDoff Data Recovery

NANDoff Data Recovery

NANDoff is a flat rate data recovery service. We serve the electronics industry around the globe 24/7.

Cyber Security Global

Cyber Security Global

Cyber Security Global is a leader in electronic security, consultancy, technology, cybersecurity solutions, training, and specialized products.