It is hard to know whether investment in cybersecurity is warranted or effective without detailed and current information about threats, risks, costs and the performance of your current defences, strategies and policies. The cyber threat landscape and its legal challenges are constantly evolving, with fines of up to 4% of global turnover in each separate privacy jurisdiction, the threat of class action lawsuits and the increasing risk of executives being sued personally.
One of the most important things to have in cybersecurity is an independent external audit of your cybersecurity measures. Indeed, GDPR compliance requires an independent audit. The pre-aquisition audit is different, but just as essential. In mergers and acquisitions the purchaser will apply a discount for unknown risks. Recently in several acquisitions, like Marriott's acquisition of Starwood Hotels, the acquired company was subsequently found to have suffered an undetected breach. The consequence of this was a massive £18.4M regulatory fine for the acquirer, Marriott as well as the costs of remediation, with class action lawsuits outstanding.
A company up for sale can realise a much higher valuation with an independent audit to prove that it has not been the victim of a breach and that its IT security precautions are adequate.
How We Can Help
KITS can offer a standards-based management decision support solution using current and maintained threat, risk and cost data with an easy-to-use management dashboard and reports. Adapt the model data to suit your own business and applications. Test ‘what if’ cases easily to check alternatives. Ensure that your cybersecurity investments are productive, proportionate and can be defended to regulators and in court.
KITS can use its tools and technologies to detect breaches in organisations and remediate if discovered, helping to maximise the valuation achieved.