Guide to Cybersecurity Due Diligence in M&A Transactions

“Almost all acquisitions involve Intellectual Property assets and Internet/IT considerations. This desktop reference helps the acquirer determine whether they are buying a valuable asset or a potentially uncapped liability. Insightful and useful, this volume also helps frame the post-acquisition interconnection of cyber assets. It is an excellent companion piece to the ABA Cybersecurity Handbook, and other invaluable ABA publications and CLE programming.” —Vincent Polley, Co-Chair, ABA Cybersecurity Legal Task Force In the Digital Era, ubiquitous connectivity has spared no enterprise the risks of being hacked from anywhere in the world. Whether the intruder’s purpose is to steal, change, or destroy information, or to use its unauthorized access to harm and disrupt the enterprise’s operations, the attackers have continued to increase their advantage over the defenders. Virtually all enterprises have been breached and their sensitive information compromised.   The reality of this threat, coupled with the near total dependence of today’s businesses on networked digital technology, presents a major risk of catastrophic consequences to most businesses. And acquiring or merging with any business involves taking on that risk. Thus, in any M&A transaction, an evaluation of the target’s cybersecurity capabilities and experience is critical. This comprehensive and valuable guide, Guide to Cybersecurity Due Diligence in M&A Transactions is designed to assist companies and their counsel in assessing that risk. Beginning with an introduction to the importance of cybersecurity due diligence, the Guide explains to M&A counsel and their clients the key requirements of the cybersecurity due diligence process that should be part of every M&A transaction. This Guide can be read cover-to-cover, or used when counsel or clients want to get up to speed on specific issues, such as: The importance of cybersecurity due diligence for an M&A deal Lessons from recent cyber incidents including Nieman Marcus, Yahoo, Target Corporation, Sony Pictures, and Volkswagen Identifying a target’s high-value digital assets Evaluating incident response capabilities, supply chain risks, or assessment of a target’s resilience And much more!