Defense in Depth

Do Companies Undergoing a Merger or Acquisition Get Targeted for Attacks?

Jul 18, 2024

Andrew Cannata, CISO at Primo Water, joins the discussion on M&A cybersecurity risks. Topics include IPO vulnerability, context changes in M&A, and ambiguity's impact on risk. The importance of cybersecurity diligence and employee awareness during mergers highlighted. Emphasizes security controls, challenges in merging cultures, and data protection. Explores post-merger changes in security programs, privacy, and attacker tactics. The significance of maintaining strong cybersecurity measures during organizational changes like mergers to avoid cyber threats.

26:48

Creator website

Episode guests

Andrew Cannata

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

M&A transitions create temporary security vulnerabilities, leading to increased cyber risk.

Integrating and aligning security postures after M&A is crucial to mitigate risks effectively.

Deep dives

The Impact of Mergers and Acquisitions on Cyber Risk

During mergers and acquisitions, the risk of cyberattacks may not directly result from the action itself but rather from the integration of systems and increased vulnerabilities. Anecdotal evidence suggests that cyberattacks may be more related to the integration challenges and temporary security gaps following the merger or acquisition.

Intro

3min

Cybersecurity Risks in Mergers and Acquisitions

9min

Security Controls During Mergers and Acquisitions and the Role of Data Security Sponsor

5min

Impacts of Mergers and Acquisitions on Organization Security

7min

Cybersecurity Vigilance During Organizational Changes

4min

All links and images for this episode can be found on CISO Series.

Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Christina Shannon, CIO, KIK Consumer Products. Joining us is Andrew Cannata, CISO, Primo Water.

In this episode:

The lure of an IPO is debatable
Does an IPO make you a target or just more vulnerable?
M&A changes your context
Ambiguity creates risk

Thanks to our podcast sponsor, Cyera

Cyera’s AI-powered data security platform gives companies visibility over their sensitive data, context over the risk it represents, and actionable, prioritized remediation guidance.  As a cloud-native, agentless platform, Cyera provides holistic data security coverage across SaaS, PaaS, IaaS and On-premise environments. Visit www.cyera.io to learn more.

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

Defense in Depth

Do Companies Undergoing a Merger or Acquisition Get Targeted for Attacks?

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

The Impact of Mergers and Acquisitions on Cyber Risk

Cybersecurity Challenges During Mergers and Acquisitions

Managing Security Posture During Mergers and Acquisitions

The Perfect Storm of Cyber Risk Amid Mergers and Acquisitions

Remember Everything You Learn from Podcasts