We surveyed 100 private equity firms across EMEA and the US on their approach to cyber security throughout the investment cycle.

We found that while awareness of cyber threats is widespread, many firms face challenges in translating this awareness into effective, cost-efficient programmes that deliver measurable improvements in cyber resilience.

70% of firms now conduct cyber due diligence on every acquisition target, yet spending on cyber due diligence is much lower than that on technology due diligence.

72% of respondents reported experiencing a serious cyber incident within their portfolio in the last three years, underscoring the necessity of proactive measures.

Only 63% require annual cyber assessments across their portfolios, revealing a significant opportunity for improved risk management practices.