Latest Expert Exchange Queries
sitemapHome | Registration | Job Portal for CA's | Expert Exchange | Currency Converter | Post Matrimonial Ads | Post Property Ads
News shortcuts: From the Courts | News Headlines | VAT (Value Added Tax) | Service Tax | Sales Tax | Placements & Empanelment | Various Acts & Rules | Latest Circulars | New Forms | Forex | Auditing | Direct Tax | Customs and Excise | ICAI | Corporate Law | Markets | Students | General | Indirect Tax | Mergers and Acquisitions | Continuing Prof. Edu. | Budget Extravaganza | Transfer Pricing
Popular Search: empanelment :: articles on VAT and GST in India :: due date for vat payment :: cpt :: ARTICLES ON INPUT TAX CREDIT IN VAT :: form 3cd :: Central Excise rule to resale the machines to a new company :: TAX RATES - GOODS TAXABLE @ 4% :: VAT Audit :: list of goods taxed at 4% :: ICAI offer Get Windows 7,Office 2010 in Rs.799 Taxes :: ACCOUNTING STANDARDS :: VAT RATES :: ACCOUNTING STANDARD :: TDS
« Mergers and Acquisitions »
 The 12 digital health mergers and acquisitions of Q1 2017
  Deals of the day-Mergers and acquisitions Apr 19, 2017
 Deals of the day-Mergers and acquisitions Apr 19, 2017
 Foreign investors giving M&A deals in India’s renewable energy sector a miss
 Mergers and acquisitions are getting riskier as insurance claims rise
 The Financial Times started a mergers and acquisitions newsletter for its highest-paying subscribers
 Milton Barbarosh Offering Assistance on Mergers & Acquisitions
 Deals of the day-Mergers and acquisitions 15 April 2017
 Traders say mergers and acquisitions could bring boost to biotech stocks
 Accounting a new disruptor in mergers and acquisition strategies
 Bridging the Valuation Gap in Mergers and Acquisitions

Making cybersecurity a priority in mergers and acquisitions
August, 22nd 2016

The change inevitable in a post-deal situation makes the new company a ripe target for cyber criminals, who often capitalize on the security vulnerabilities that can arise during system implementations, lack of clarity or governance, and employees who may be anxious about losing their jobs. How does a smart, strategic CIO circle the wagons and fortify his or her data?

Last time, we looked at the importance of rigorous cybersecurity assessment during the due diligence phase of acquisitions. There we saw that preparation — getting ahead of the game — is the key to success. The same is true for integration.

How to rebuild your career after a layoff
There is life after the layoff. Take these 6 steps to engineer your own comeback.
When companies integrate, they need to reconcile all of their separate components as part of their 100-day plan for integration: not only different enterprise resource planning (ERP), human resources (HR) and other systems, but also the way security is managed in a cohesive way between the two legacy companies, including governance, processes, resources and systems. In some cases, a company will simply allow an acquisition to keep running their own systems, but this is only rarely the more practical course. To keep data safe, a buyer’s first task is almost invariably the normalization of divergent security systems.

“The watchwords of successful cybersecurity integration are organization and rationalization,” says Micky Houston, Deal Advisory’s Information Technology lead at KPMG. “This is essential not only to keep intruders at bay, but is also relevant from a cultural perspective as well. An immediate and concerted effort to normalize processes is key — you need to be able to offer executives a thoughtful, well-articulated strategy beforehand.”

That integration strategy generally involves two phases: interim integration and long-term integration. Acquisitions often occur more quickly than new security protocols evolve, so a successful integration tends to begin with a strong interim plan. Over time, as the two entities coalesce into a whole, a long-term strategy emerges.

An effective interim plan begins with a more holistic look at cyber from the perspective of the newly merged entity. This includes changes to processes, resources, technology and governance that can impact the availability or confidentiality of sensitive data. Because this is a temporary, transitionary stage, the goal is not to establish a permanent solution, but to assess cyber maturity across the newly merged organization and from that drive a prioritized approach to cyber risk management. As with other risk mitigation, higher risk and quick hit areas should be prioritized and interim controls established, including structured employee access, while a more detailed and comprehensive strategy and road map is built and actioned in parallel.

“At all times during the early stages of integration,” Houston says, “It’s vital to know who needs access to what information, and why. On one hand, employees need to be able to carry out their work; but on the other, every precaution has to be taken to make sure that neither bad actors nor carelessness result in a security breach, which can be devastating.”

Some of the key issues that need to be tackled for the long-term plan include developing a security strategy, creating a data governance system, and assigning a management team. Key to this plan includes a clear top-town message and strategy on what is to be implemented, protected and invested in so all employees are on the same page as it pertains to cyber security. And where most companies fail in this implementation is stopping at the management message. Continued training of all employees on the risks associated with data sharing, third parties and cyber protections will reinforce the new culture equipped to defend itself against bad actors.

As the integration progresses, the integration team also needs to put a targeted review in place to monitor the cybersecurity of the merged entity on an established schedule. Depending on the industry and the cybersecurity risks, the merged entity might want to develop an automated continuous monitoring system that can evaluate any risks on a real-time basis.

Due diligence should ensure that there is a plan to make sure such cybersecurity prerequisites are met from the first moment of the integration process. Integration should begin with an agile interim plan that provides the necessary access for employees and restricts data completely wherever it’s not needed.


Home | About Us | Terms and Conditions | Contact Us
Copyright 2017 CAinINDIA All Right Reserved.
Designed and Developed by Binarysoft Technologies Pvt. Ltd.
Portal Design Website Design Portal Designing Website Designing Web Design Professional Portal Design Professional Website Design Professional Web Design Portal Design India Website Design India Portal Designing India Website Designing India Web Design India Professional Portal Design India Professional Website Design India Chicago Professional Web Design New York Professional Web Design California Website Design Florida Website Design New Jersey Website Design Britain UK Website Design London Manchester Website Design

Transfer Pricing | International Taxation | Business Consulting | Corporate Compliance and Consulting | Assurance and Risk Advisory | Indirect Taxes | Direct Taxes | Transaction Advisory | Regular Compliance and Reporting | Tax Assessments | International Taxation Advisory | Capital Structuring | Withholding tax advisory | Expatriate Tax Reporting | Litigation | Badges | Club Badges | Seals | Military Insignias | Emblems | Family Crest | Software Development India | Software Development Company | SEO Company | Web Application Development | MLM Software | MLM Solutions