WHAT WE DO

Today’s dealmakers know they face cyber risks, but often lack the internal resources to identify and respond to them. Yet cyber compromises present a critical risk for dealmakers. Promising investment performance can be completely undermined by the regulatory fines from a data breach, digital intellectual property theft, or the business disruption caused by a ransomware attack.

Working in step with deal teams, we highlight key areas of vulnerability and provide clear corrective actions to reveal and enhance the cyber security value of investment targets and portfolio companies.

Our insights provide an invaluable perspective to deal teams and corporate boards on the cyber risks which will be critical to a company’s success.

We commonly work at the pre-acquisition phase or on post-acquisition portfolio reviews. Our cyber due diligence assessments cover:

  • Security governance;
  • Incident response frameworks;
  • Vulnerability of intellectual property;
  • Data privacy; and,
  • Regulatory risk.

 

 

WHY S-RM

Deal-focused. We have worked on over 450 deals. We know how to integrate our work into deal flows, focus on your most important questions, and adapt as priorities change.

Clear conclusions. Our work can be highly technical, but our findings are always clear and practical so you can make faster decisions based on our recommendations.

Accessible expertise. We know that timely access to information can be critical. Our consultants are always available to help progress a transaction.

Client Successes

A US-based investor wanted to acquire a global financial services company in a USD 1 billion transaction, however in the aftermath of GDPR, the investor was concerned about the data privacy risks associated with the deal. Our due diligence process gave the investor sufficient clarity on the nature and extent of the data held by the company that they could proceed.

A European private equity company asked S-RM to conduct cyber due diligence prior to their acquisition of a 5,000 person FMCG company. Our due diligence uncovered significant weaknesses in the cyber security governance at the company, resulting in a renegotiation of the valuation.

A global private equity company contacted S-RM to assess the cyber security of three target companies, in particular any potential risks from a merger of their infrastructure post-acquisition. Through detailed interviews and technical reviews with the subject companies, we were able to provide sufficient assurance to the client for the deal to proceed.

A US private equity company sought cyber due diligence ahead of the acquisition of a hospitality group based in Asia. S-RM benchmarked all of the target’s data policies against known regulations, highlighting deficiencies, and carried out comprehensive dark web research to ensure there was no evidence of previous data compromises, allowing the client to proceed to the next stage of the deal with confidence.

Speak to our experts

Related Practices

Featured Insights