As vendor risk management becomes a more clear and present danger, the challenge for mitigating vendor risk is twofold:
The mergers and acquisitions process is scary enough, but absorbing another company’s digital assets without full visibility into their entire digital infrastructure is downright harrowing. This is perhaps best evidenced by Marriott’s experience during their Starwood acquisition: after the acquisition had been finalized, Marriott discovered a major data breach. Marriott’s direct losses due to the breach range between $200 million and $600 million. On the high end, that is nearly 5% of the total Starwood acquisition price—a high price to pay for negligence.
Thankfully, there’s a process for mitigating your cyber risk during the M&A process so you can avoid a mistake like Marriott’s. In a recent article published in SC Magazine, the process is outlined in five important steps: