Tech Vigil
No Result
View All Result
  • Login
  • Home
  • Business
    • Cell Phone
  • Computers
    • Data Security
  • Digital Marketing
    • E-Commerce
  • Gadgets
    • Apps
  • Laptops
    • Microsoft
    • Software
  • Networking
  • Tech
  • Contact
  • Pages
    • About Us
    • DMCA
    • Privacy Policy
    • Terms and Conditions
  • Home
  • Business
    • Cell Phone
  • Computers
    • Data Security
  • Digital Marketing
    • E-Commerce
  • Gadgets
    • Apps
  • Laptops
    • Microsoft
    • Software
  • Networking
  • Tech
  • Contact
  • Pages
    • About Us
    • DMCA
    • Privacy Policy
    • Terms and Conditions
No Result
View All Result
Tech Vigil
No Result
View All Result
Home Data Security

Don’t Acquire a Company Until You Evaluate Its Data Security

Ronnie Daniels by Ronnie Daniels
April 18, 2019
Reading Time:3min read
0

When Marriott International received Starwood in 2016 for $13.6 billion, neither employer was aware of a cyber-attack on Starwood’s reservation gadget that dated back to 2014. The breach, which uncovered the sensitive personal data of almost 500 million Starwood customers, is a super instance of what we name a “statistics lemon” — a concept drawn from economist George Akerlof’s paintings on information asymmetries and the “lemons” problem. Akerlof’s insight changed into that a customer does no longer understand the nice of a product being presented by a supplier, so the purchaser risks shopping a lemon — think about automobiles.

RELATED POSTS

The 8 key methods to evaluate healthcare facts protection tools

NCipher, Credence Security

Why purge is the subsequent cyber buzzword

We are extending that idea to M&A activity. In any transaction among an acquiring employer and a goal employer (dealer), there is asymmetric data approximately the goal’s nice. While managers have long understood this idea, recent occasions shed light on an emerging nuance in M&A — that of the information lemon. That is, a goal’s fine can be linked to the strength of its cybersecurity and its compliance with information privacy regulation. When an acquirer does now not guard itself in opposition to a records lemon and are searching for enough information approximately the goal’s records privateness and safety compliance, the acquirer may be left with a facts lemon — a safety breach, for example — and resulting authorities penalties, together with brand harm and loss of consider. That’s the scenario Marriott is now managing. The employer faces $912 million in GDPR fines within the EU and its inventory fee has taken successfully. The hassle doesn’t stop there. According to Bloomberg, “the enterprise ought to face up to $1 billion in regulatory fines and litigation prices.”

 

Marriott isn’t the handiest organization in this situation. In 2017, Verizon discounted its original $4.Eight billion purchase price of Yahoo with the aid of $350 million after it found out — post-acquisition — of the latter’s information breach exposures. Similarly, in April 2016, Abbott announced the acquisition of St. Jude Medical, a clinical tool producer based totally in Minnesota, best to the research of a hacking hazard in 500,000of St. Jude’s pacemakers a 12 months later in 2017. Abbott finishing up recalling the devices. Daiichi Sankyo, a Japanese firm, received, Ranbaxy an Indian pharmaceutical producer. Daiichi Sankyo later went to courts alleging that the target company misrepresented FDA safety compliance statistics to Daiichi(among different issues).

So what to do about information lemons? You can clearly make the deal anyway, mainly if the cost created by way of the deal outweighs the risks. Or you can take the Verizon path and reduce the valuation put up-acquisition. We advocate a third alternative: due diligence no longer simply on the financials of the coal company, but also its regulatory vulnerabilities throughout the M&A dialogue procedure. The concept is to identify capability statistics breaches and cybersecurity issues before they turn out to be your problem.

Finding the Problem Before You Own It

ADVERTISEMENT

In this method, we borrow from mounted compliance requirements meant to protect in opposition to bribery and environmental troubles. The acquirer would investigate the goal firm’s past data breaches and require disclosure of prior information-related audits and any pending investigations international. The obtaining company would additionally behavior an assessment of the target’s methods and approaches regarding statistics protection — like an ideal use of facts, records classification, and records handling. The acquirer has to also examine target company compliance with cybersecurity frameworks from NIST, CIS, ISO, and the AICPA.

If a few hazards are found all through the due diligence, an acquirer have to engage in a more intense audit of the goal firm’s policies. For example, does the goal adheres to any type of records requirements or certifications? (Examples consist of Graham Leach Bliley and HIPAA.) Finally, due diligence has to additionally consist of a review of the data-privateness necessities in third-party contracts.

Also, note that documents that trade arms between the target and obtaining companies can themselves emerge as risks for “information spillage” — the unintentional launch of sensitive records. Hence both the target and acquiring firm are particularly liable to assault by hackers for the duration of the M&A due diligence procedure, on occasion thru a hack of 0.33 events including banks, regulation companies, accounting corporations, or third-celebration carriers concerned in M&A. It’s vital to increase the security of such information and assessment the practices of 0.33 events to reduce such danger.

Once You’ve Acquired a Data Lemon

Even in case you’ve done all the above, you may still collect an information lemon. What should you do then? At this point, it’s miles vital to installation an incident reaction strategy to address dangers, such as each those that are legal or regulatory or patron-facing in nature. Such an incident-response approach needs to be brief and decisive, adopting a multi-disciplinary technique, and the board ought to be brought in. Management of public members of the family and outreach to policymakers will be transparent. These are simply on the spot steps. The acquiring company desires to review the practices that brought about the breach and discover measures to improve the data privacy compliance application going forward.

ShareTweetPin
Ronnie Daniels

Ronnie Daniels

Related Posts

The 8 key methods to evaluate healthcare facts protection tools
Data Security

The 8 key methods to evaluate healthcare facts protection tools

April 18, 2019
NCipher, Credence Security
Data Security

NCipher, Credence Security

April 18, 2019
Why purge is the subsequent cyber buzzword
Data Security

Why purge is the subsequent cyber buzzword

April 18, 2019
Filling the Cybersecurity Void
Data Security

Filling the Cybersecurity Void

April 18, 2019
Justdial Says Data Leak Affecting a hundred Mn Users Fixed
Data Security

Justdial Says Data Leak Affecting a hundred Mn Users Fixed

April 18, 2019
JustDial’s protection breach reportedly compromises statistics of 100M customers
Data Security

JustDial’s protection breach reportedly compromises statistics of 100M customers

April 18, 2019
Next Post
The 8 key methods to evaluate healthcare facts protection tools

The 8 key methods to evaluate healthcare facts protection tools

Smartphone carriers to spend ₹330 crore on virtual advertising in India

Smartphone carriers to spend ₹330 crore on virtual advertising in India

No Result
View All Result

Today Trending

5 Must Know Mac Shortcuts
Laptops

5 Must Know Mac Shortcuts

by Ronnie Daniels
December 22, 2020
5 Great Adobe Spark Tips and Tricks to Perfect Your Craft
Software

5 Great Adobe Spark Tips and Tricks to Perfect Your Craft

by Ronnie Daniels
December 20, 2020
Laptops

Buying a Laptop? Tips on What to Look For (What to Avoid)

by Ronnie Daniels
December 15, 2020
Marketing
Digital Marketing

Join Affiliate Marketing & Get Paid for Your Marketing Skills

by Ronnie Daniels
December 2, 2020
How to choose best SEO Services?
Tech

How to choose best SEO Services?

by Ronnie Daniels
November 2, 2020

Editior's Picks

E-commerce policy in all likelihood to be introduced earlier than February 25, says CAIT
E-Commerce

E-commerce policy in all likelihood to be introduced earlier than February 25, says CAIT

February 11, 2019
Massive e-commerce growth predicted for HK in 2019
E-Commerce

Massive e-commerce growth predicted for HK in 2019

February 11, 2019
Washington University pupil hit inside the face, robbed of his cellular phone
Cell Phone

Washington University pupil hit inside the face, robbed of his cellular phone

February 11, 2019
The high-quality virtual marketing stats we’ve seen this week
Digital Marketing

The high-quality virtual marketing stats we’ve seen this week

February 14, 2019
Microsoft patent ought to mean smart fabric skills on laptops and wearables
Laptops

Microsoft patent ought to mean smart fabric skills on laptops and wearables

February 14, 2019

About Us

TechVigil is the best website where You can get daily update on internet stuff just like digital Marketing, mobile and tech also many more so subscribe our newsletter to never miss any update from us.

Contact Us: [email protected]

Editior’s Picks

  • 5 Must Know Mac Shortcuts
  • 5 Great Adobe Spark Tips and Tricks to Perfect Your Craft
  • Buying a Laptop? Tips on What to Look For (What to Avoid)
  • Join Affiliate Marketing & Get Paid for Your Marketing Skills
  • How to choose best SEO Services?

Newsletter

Latest Post

5 Must Know Mac Shortcuts
Laptops

5 Must Know Mac Shortcuts

by Ronnie Daniels
December 22, 2020

© 2020- TechVigil | All Rights Reserved To Us

No Result
View All Result
  • About Us
  • Contact
  • DMCA
  • Home
  • Privacy Policy
  • Terms and Conditions

© 2020- TechVigil | All Rights Reserved To Us

Welcome Back!

Login to your account below

Forgotten Password?

Create New Account!

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In