Case Study
In the context of an international corporate takeover, we assisted a private equity investor in assessing the IT and cyber risks of the target company. In view of increasing cyber incidents in M&A contexts, it was crucial to identify and monetize potential security gaps before the transaction was completed. Our task included a technical analysis of the existing infrastructure, a review of the existing security concepts and an assessment of resilience to attacks. In addition, we assessed potential legacy issues from previous incidents and identified regulatory risks - particularly with regard to data protection and cloud compliance. The results fed directly into the purchase price negotiations and were used to derive a 100-day plan for post-merger integration.
Core aspects of our project work:
- Conducting a cyber due diligence (technical & organizational)
- Assessment of vulnerabilities, incidents and regulatory risks
- Monetary assessment of potential risks to adjust the deal price
- Development of an action plan for the integration phase
