Cyber due diligence

Preserving and enhancing value through timely insights on the cyber security risks to investment targets and portfolio companies. 


Today’s dealmakers know they face cyber risks, but often lack the internal resources to identify and respond to them. Working in step with deal teams, we highlight key areas of vulnerability and provide clear corrective actions to reveal and enhance the cyber security value of investment targets and portfolio companies.  

Crisis & Risk Management Logo 2023 transparent-1


Why S-RM?


We have worked on over 450 deals. We know how to integrate our work into deal flows, focus on your most important questions, and adapt as priorities change.

Clear conclusions

Our work can be highly technical, but our findings are always clear and practical so you can make faster decisions based on our recommendations.

Accessible expertise

We know that timely access to information can be critical. Our consultants are always available to help progress a transaction.

Insights to inform investment decisions

Our insights provide an invaluable perspective to deal teams and corporate boards on the cyber risks which will be critical to a company’s success. We commonly work at the pre-acquisition phase or on post-acquisition portfolio reviews. 

Our cyber due diligence assessments cover:

  • Security governance
  • Incident response frameworks
  • Vulnerability of intellectual property
  • Data privacy
  • Regulatory risk
Case study

Identifying data privacy risks 

A US-based investor wanted to acquire a global financial services company in a USD 1 billion transaction, however in the aftermath of GDPR, the investor was concerned about the data privacy risks associated with the deal. Our due diligence process gave the investor sufficient clarity on the nature and extent of the data held by the company that they could proceed.


Case study

Uncovering cyber risk pre-acquisition  

A European private equity company asked S-RM to conduct cyber due diligence prior to their acquisition of a 5,000 person FMCG company. Our due diligence uncovered significant weaknesses in the cyber security governance at the company, resulting in a renegotiation of the valuation. 



Case study

Private equity pre-deal support 

A global private equity company contacted S-RM to assess the cyber security of three target companies, in particular any potential risks from a merger of their infrastructure post-acquisition. Through detailed interviews and technical reviews with the subject companies, we were able to provide sufficient assurance to the client for the deal to proceed. 



Case study

Benchmarking data policies 

A US private equity company sought cyber due diligence ahead of the acquisition of a hospitality group based in Asia. S-RM benchmarked all of the target’s data policies against known regulations, highlighting deficiencies, and carried out comprehensive dark web research to ensure there was no evidence of previous data compromises, allowing the client to proceed to the next stage of the deal with confidence. 



Speak to our expert

Lenoy Barkai
Lenoy Barkai

Director, Cyber Security

Lenoy Barkai
Lenoy Barkai
Director, Cyber Security

Lenoy is a Director in S-RM’s cyber security division. She has over 10 years’ experience spanning security risk management and strategic consulting. Since joining S-RM in 2018, Lenoy has supported clients working through complex cyber and physical security challenges, and has led projects spanning the financial services and insurance, energy, manufacturing and FMCG sectors, among others.

Prior to joining S-RM, she worked as a portfolio manager for a global asset management firm. She is a CFA Charterholder and has an MA in International Relations from King’s College London.

Talk to us today

Understand cyber risk ahead of investment decisions

Get clear insights into cyber risk with our team of experts.

Transactional due diligence3-2