(Bloomberg) -- Cybersecurity issues are
increasingly becoming a concern in mergers and acquisitions, a new
survey shows, and lapses can jeopardize deals or haunt purchasers
long after the deal is done.
Of more than 2,700 information technology and
business decision makers surveyed by Forescout Technologies Inc. in
seven countries, 53% reported that their organization had
encountered a critical cybersecurity issue or incident that put an
M&A deal in jeopardy. And 65% of respondents said they had
experienced buyersâ remorse because of cybersecurity concerns after
closing a deal.
The findings, released Monday, show that taking
the time to conduct cybersecurity evaluations is important before
and during an acquisition, even if it means finalizing the deal
gets delayed, said Julie Cullivan, chief technology and people
officer at Forescout. The company sells a security platform that
allows companies to monitor and control access to their
âCybersecurity is a challenge for every
organization, and risk factors are changing all the time,â Cullivan
said. âItâs about making sure you put as much energy into it up
Recent acquisitions highlight the threat that
cyber risks can pose to a companyâs reputation and bottom line.
Verizon Communications Inc. acquired Yahooâs
Internet properties in 2017 at a $350 million discount after
security breaches surfaced at the web company. And Marriott
International Inc. inherited a massive security risk when it bought
Starwood, including a breach that was disclosed just days after the
deal was announced.
Yahoo and Starwood arenât isolated incidents.
Earlier this month, Asco Industries, which Spirit AeroSystems
Holdings Inc. agreed to buy in May 2018, was hit by a large-scale
ransomware attack. The attacked cause a âseriousâ disruption of
Ascoâs activities and its sites in Belgium, Canada, Germany and the
U.S. were stopped.
Spirit AeroSystems won EU approval for the deal
in March, but the acquisition has yet to be completed.
Thorough cybersecurity assessments that include
utilizing third-party audits can often help avoid these types of
issues, said Joe Cardamone, senior information security analyst and
North America privacy officer for Haworth Inc., a designer and
manufacturer of office furnishing products in Holland,
âItâs not an intangible risk. Itâs a very
tangible thing and true money that can be lost,â said Cardamone,
who has been involved in Haworthâs acquisition of at least six
companies. âTreat it like you are buying a used car. Iâd still want
to look underneath the hood.â
Haworth, which is a Forescout customer, revamped
its acquisition policy about five years ago to include information
--With assistance from Joshua Fineman.
To contact the reporter on this story: Derek Hall
in Chicago at [email protected]
To contact the editors responsible for this
story: Catherine Larkin at [email protected], Jeran
For more articles like this, please visit us at
Â©2019 Bloomberg L.P.