Skip to main content

82% say cyber will change deal processes in the next 18 months

Cyber security in M&A

Dealmakers neglect cyber due diligence

Complacency among dealmakers is common despite risk of deal collapse.

Cyber risk presents a major threat to deals. Around 90 per cent of respondents believe cyber breaches would result in a reduction in deal value and 83 per cent believe a deal could be abandoned if cyber security breaches are identified during deal due diligence or mid-transaction.

Yet too few deal makers are addressing the threat. Around 78 per cent say cyber security is not a risk that is currently analysed in-depth or dealt with in deal due diligence.

Dealmakers’ top concerns include targets suffering cyber-attacks during deal discussions, the target being a proven victim of data or intellectual property (IP) theft by cyber-attack, and evidence of a target not handling a past breach effectively (leading to fines, damage to reputation etc.).

Interestingly, acquirers (30 per cent) are most concerned about cyber security issues derailing transactions, whereas 81 per cent of sellers are unconcerned or only slightly concerned about the risk of derailment.

Edward Braham, Freshfields' senior partner, added, 'The message to dealmakers – whether buyer or seller – is to evaluate cyber risk in the same way they would any other risk that could affect the value of a target. Cyber risk presents a significant threat to the operations, reputation, and the bottom line of virtually every company, regardless of industry. While market practice is still developing in this area, buyers can use an M&A process to understand better the cyber risk a target faces.'