Cybersecurity in M&A Transactions: Negotiating the Deal with Due Diligence
Traditionally, M&A due diligence is solely focused on the traditional risks areas. However, due to the increasing developments and advancements in technology, asset due diligence evolved dramatically and now includes software escrow and open source software. With this, cybersecurity has become one of the most vital parts of the M&A process for any deal and transaction especially those which involve targets with any kind of online presence.
In this LIVE Webcast, a panel of thought leaders brought together by The Knowledge Group will provide the audience with an in-depth analysis of the fundamentals as well as all the important cybersecurity issues in M&A transactions. Speakers will also present best strategies in negotiating deals with due diligence.
Key topics include:
- Due Diligence in Cybersecurity and M&A Transactions
- Cybersecurity Provisions in M&A Transactions
- Post-Acquisition Data Integration Considerations
- Identifying Risk Areas
- Common Issues and Considerations
- Establishing a Cyber Risk Management Program
- Uncovering Opportunities and Pitfalls
Bill Snyder, Executive Director, Transaction Advisory Services
Ernst & Young LLP
Holly Ridgeway, Director Information Security Programs
Mandiant, a FireEye Company
Shawn Fleury, Director
Alvarez & Marsal
- Due Diligence
Neil Kleinberg, CEO
Scott A. Lawler, CISSP-ISSAP, ISSMP, Chairman/CEO
Who Should Attend:
- Cyber Risk Officers/Managers
- Board Directors/Members
- M&A Attorneys
- Financial, Legal, and Operational M&A Due Diligence Practitioners
- Industry Watchers
- Other Interested Professionals
Ms. Ridgeway has served as the Chief Information Security Officer for PNC Financial Services Group, and the Department of Justice. In these roles, Ridgeway led the organizations information security efforts with responsibility for leading all cyber program activities, including the creation of detection, monitoring, incident response, reporting and security services of the 24x7 PNC Fusion Center, and Department of Justice Security Operations Center. She is credited with developing and implementing a highly successful real-time situational awareness program and has successfully led many large incident response efforts, including the distributed denial of service attacks against the financial sector that occurred in 2012-13. Additionally, Ridgeway led industry and government wide task forces and served on boards including the AFCEA International Cyber Security Board of Directors, Government CIO Working Group, Financial Sector Information Sharing and Analysis Center (FS-ISAC) assisting in addressing and solving industry and government-wide security issues. She served on the Security Working Board of BITS and was a Board member for the Financial Top Level Domain (fTLD). In 2013, Ms. Ridgeway was recognized by her peers and honored with Global CISO top ten breakaway thought leader award.
Ms. Ridgeway has served as the Chief Information Security Officer for PNC Financial Services Group, and the Department of Justice. …
Bill Snyder is an Executive Director in the EY Transaction Advisory Services (TAS) group with the Financial Valuation and Cyber Due Diligence practices. He brings more than 20+ years’ experience in complex transactions, including cross-border M&A, international joint ventures, and divestitures particularly in the US and Asia.
In prior capacities, Bill spent 8 years based in China covering cross border M&A serving major multinationals corporations for strategic inbound/outbound M&A, divestitures, and Sino-Foreign joint ventures.
Bill is a former member of the White House staff with the Office of Science and Technology Policy (OSTP) during both the Bush (George H.W.) and Clinton Administrations. He has been cited in various articles and television, radio, and print interviews by the Wall Street Journal, Dow Jones Newswires, iFeng TV, China Business News, and other business outlets on various corporate finance and China business related topics.
Bill Snyder is an Executive Director in the EY Transaction Advisory Services (TAS) group with the Financial Valuation and Cyber …
Shawn Fleury is a Director with Alvarez & Marsal’s Global Forensic and Dispute Services practice in San Antonio, Texas. Mr. Fleury has more than nine years of experience in various industries supporting intrusion investigations, security assessments, eDiscovery collections, and criminal and civil investigations.
Mr. Fleury is an expert in information security, network incident response, computer evidence seizure, computer forensic analysis, data recovery, network assessments, and development of computer forensics laboratories. He leads A&M’s Incident Response efforts and is responsible for ensuring that incident response engagements are successfully managed.
He has experience in conducting risk assessments using the ISO 17799 and 27001 as a security template and framework. He was on the team that developed and implemented the site assessment process utilized at USAA Financial Services Company and its third party vendors and business partners. Mr. Fleury has conducted numerous site assessments to include coordinating visits with senior level management, reviewing the facility security (physical, technical, and process), creating executive/technical reports based on the site assessment findings and briefing management of the evaluated sites on the results of the site assessment. He is also experienced with conducting Cyber Readiness Assessment, Vulnerability Assessments and has conducted assessments utilizing the NIST Cybersecurity Framework.
Shawn Fleury is a Director with Alvarez & Marsal’s Global Forensic and Dispute Services practice in San Antonio, Texas. Mr. …
As founder and CEO, and inventor of its intellectual property, Mr. Kleinberg is responsible for leading DiliVer’s Corporate organizational unit, which includes overseeing its performance and growth functions. With 25 years of experience as an entrepreneur, executive, management consultant, and lead technology engineer, his expertise spans the commercial and government sectors, including the information technology, financial services, national security, healthcare, judicial, public safety, and telecommunications industries. In his previous role, Mr. Kleinberg led corporate development buy-side and sell-side M&A activities at enterprise software market leader ASI, and participated in more than 20 initiated transactions, including a private equity raise. Prior to ASI, as President of VerticalFalls Software, which developed CRM solutions for financial advisors working in brokerage firms, Mr. Kleinberg orchestrated a successful exit as the company was acquired by Sage in 2007. Before VerticalFalls, he was a founder/owner in two other prosperous high-growth technology companies—EIC, a management consulting firm, and NTC, a specialized high radio frequency electronics firm. Mr. Kleinberg is also currently an adjunct professor at Johns Hopkins Carey Business School, where he teaches Strategic Management, Entrepreneurial Finance, and Corporate Governance courses, and he is a Technology Commercialization Advisory Board member at Johns Hopkins University, where he received his MS in Computer Science and BS in Bioengineering. Recently, he became a Mentor-in-Residence at Johns Hopkins Technology Ventures. Mr. Kleinberg is also a mentor of the Washington, DC Metro Chapter of the Founder Institute, a global program for training technology entrepreneurs and preparing them to launch new companies, and he was elected to the MindShare CEO Network and Alumni Association.
As founder and CEO, and inventor of its intellectual property, Mr. Kleinberg is responsible for leading DiliVer’s Corporate organizational unit, …
Mr. Lawler provides leadership as well as subject matter expertise to LP3 customers in the areas of Enterprise Architecture, Information Assurance, Security Architecture, and Enterprise Management Operations. Mr. Lawler served for 21 years in the Air Force beginning his career in F-15 avionics, attending Officer Training School, and becoming a Communications Officer. During Desert Storm, he was commander of the 54th Combat Communications Squadron. He served at Air Combat Command providing leadership in enterprise architecture, computer networking, and information assurance. Standing up the Department of Defense Computer Emergency Response Team, Mr. Lawler led a team delivering network security services supporting 2.2 million computers. He was a key leader in activating the Joint Task Force-Global Network Operations (JTF-GNO) creating a mission critical global showplace and center of technical excellence. Mr. Lawler drafted and hand-carried the memo for DEPSECDEF signature that created the Information Assurance Vulnerability Alert (IAVA) program. He developed industry leading vulnerability management as well as tactical and strategic IA analysis techniques. After military retirement, Mr. Lawler became Director of Technology (CTO) for General Dynamics’ Engineering Development and Integration Services organization. He also served as the Chief Information Security Officer (CISO) for the National System for Geospatial Intelligence. Mr. Lawler provides enterprise architecture support as well as security consulting services across DoD, Intelligence Community, and Federal organizations. His areas of expertise include information assurance, multi-level security solutions, cross-domain solutions, enterprise collaboration, modeling and simulation, knowledge management, data mining, information sharing, and transformation. Mr. Lawler is a Board Member on the Common Vulnerabilities and Exposures (http://cve.mitre.org). As a Computer Information Systems Security Professional (CISSP), he supports the International Information Systems Security Certification Consortium (https://www.isc2.org/) as a subject matter expert for the Information Systems Security Architecture and Management Professional advanced credentials. Mr. Lawler helped ISC2 develop the new Healthcare Information Security and Privacy Practitioner credential. As a Board Member of Protecting Tomorrow, a non-profit organization, Mr. Lawler frequently speaks to small and medium size business groups educating leaders on critical cyber security issues that could impact business operations. Mr. Lawler holds a BS in Electrical Engineering from Texas A&M University, an MBA in Global Technology Management from the University of Phoenix, and a Systems Engineering Certificate from George Mason University.
Mr. Lawler provides leadership as well as subject matter expertise to LP3 customers in the areas of Enterprise Architecture, Information …
Print and review course materials
Method of Presentation:
Experience in mergers and acquisitions
NASBA Field of Study:
Information Technology - Technical
NY Category of CLE Credit:
Unlock All The Knowledge and Credit You Need
Leading Provider of Online Continuing Education
It's As Easy as 1, 2, 3
Get Your 1-Year All Access Pass For Only $199
About Mandiant, a FireEye Company
FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 5,300 customers across 67 countries, including more than 825 of the Forbes Global 2000.
About Ernst & Young LLP
Ernst & Young (EY) is a global consulting firm with over 230,000 people based in 728 offices in 150 countries, providing Assurance, Advisory, Tax, and Transaction Advisory Services.
The firm’s Transaction Advisory Services practice helps businesses drive competitive advantage by proactively managing their capital agenda, which determines how they strategically raise, invest, preserve and optimize their capital.
The EY Cyber Due Diligence (CyDD) service offering uncovers cyber risks in target companies early and throughout the transaction lifecycle (strategy, diligence, and integration) and translates technical cyber risks into financial business risks and terms executives can understand and act upon. CyDD estimates the financial impact in a deal from cyber disruption or theft related to a potential cyber events or actual breaches, including brand or reputation damage, lost sales/profits and diminished value of key intangible assets (e.g. proprietary technology, patents, customers, etc.).
About Alvarez & Marsal
Companies, investors and government entities around the world turn to Alvarez & Marsal (A&M) when conventional approaches are not enough to activate change and achieve results. Privately-held since 1983, A&M is a leading global professional services firm that delivers performance improvement, turnaround management and business advisory services to organizations seeking to transform operations, catapult growth and accelerate results through decisive action. Our senior professionals are experienced operators, world-class consultants and industry veterans who draw upon the firm’s restructuring heritage to help leaders turn change into a strategic business asset, manage risk and unlock value at every stage.
DiliVer is a financial technology (FinTech) M&A software company with specialized due diligence solutions that help yield better combined entity outcomes and a variety of other transaction life-cycle benefits. Our industry-specific (“domain-verticalized”)/data-driven (“scorecard-powered”) applications drive a new due diligence paradigm that improves the quality and reduces the risk of M&A transactions for strategic/financial buyers (e.g., large corporations, private equity firms), all stages of sellers (e.g., established companies, emerging small businesses), and their intermediaries (e.g., advisors, specialists) when forming new combined entities. DiliVer’s customers either perform M&A financial, legal, or operational (our sweet spot) due diligence services directly or outsource such services from M&A ecosystem providers.
LP3-SecurIT is a cyber security company uniquely focused on business clients—providing an objective due diligence appraisal of cyber security posture, which is a key financial risk or liability in the mergers and acquisitions (M&A) transaction process. A poor decision to connect an at-risk business network can immediately breach the entire merged company, potentially resulting in intellectual property loss, breach fines or penalties, and significant resource impact for recovery and risk mitigation later.
The LP3 Security Maturity & Risk (SMR) business cyber security assessment is an objective appraisal of a client’s overall security posture based on a well-proven methodology reviewing overarching security policy and currently implemented critical security controls. LP3 provides a clear understanding of key security-related risks that could disrupt business operations and provides specific steps to mitigate those business critical risks.
LP3 has divisions and subsidiary companies that help government, commercial, and R&D customers “Produce, Protect and Perform.”