In a recent report by ReliaQuest, it was revealed that over half of the M&A security incidents reported in 2024 were non-malicious in nature. These incidents stemmed primarily from integration-induced investigation delays, policy and compliance challenges, and difficulties in baselining internal tools. This raises concerns around inherited assets during mergers and acquisitions (M&A), which pose significant risks as firms attempt to integrate their operations.

The report highlights a troubling trend in which cybercriminals are believed to deliberately target companies involved in M&A activities. Discussions on cybercriminal forums indicate that these actors perceive security weaknesses emerging when organisations become focused on the logistics of merging, and that they see these weaknesses as openings to exploit. Such cybercriminal activities can lead to the monetisation of sensitive M&A information for insider trading or even blackmail.

Sector-wise analysis from the ReliaQuest report indicates that the manufacturing sector experienced the most M&A-related security issues, representing 42% of customer M&A incidents. The high rate of incidents in this sector may be attributed to its reliance on legacy systems and operational technologies that complicate updates and incident response, especially during M&A transitions. Conversely, three sectors each accounted for 8% of incidents: finance and insurance; professional, scientific, and technical services (PSTS); and retail trade. The relatively lower figures in these sectors can be linked to stringent regulatory compliance requirements paired with simpler technology integrations.

The report further elaborates on the five primary cybersecurity challenges encountered during M&A processes and offers insights on strategies to address them:

  1. Adapting to New Compliance Standards: Companies are encouraged to use flexible security operations platforms that can manage various compliance requirements across merged entities. This involves actively monitoring for regulatory gaps and aligning processes to meet required standards.

  2. Managing Threats from Inherited Assets: Firms should perform thorough due diligence to pinpoint inherited vulnerabilities and employ digital risk protection measures to scout for risks such as exposed credentials within both open and dark web environments.

  3. Eradicating Blind Spots in Logging Visibility: An integrated security operations platform is recommended to unify logging and monitoring tools, which would improve visibility across both legacy and newly acquired systems.

  4. Unifying Operational Tools Post-M&A: The report suggests that businesses standardise and consolidate their security technology stack while ensuring compatibility with existing solutions, allowing for seamless integration and reduced complexity.

  5. M&A Hindering Threat Response: To alleviate delays in responding to threats, the centralisation and automation of threat detection and response procedures are advised, thereby streamlining operations across varied environments.

Looking ahead, ReliaQuest anticipates that navigating the M&A threat landscape will become increasingly challenging in 2025. Expected developments include the potential relaxing of cybersecurity regulations and evolving threats from smaller ransomware groups that may exploit weakened firms using AI-generated spear-phishing tactics. Additionally, with the continuous rise in cloud adoption, operational complexity is poised to increase further.

The findings and recommendations presented in the report highlight the pressing need for businesses engaged in M&A to reevaluate their cybersecurity strategies in light of emerging technologies and the changing threat landscape.

Source: Noah Wire Services