Main Menu

John McCauley Discusses Cybersecurity and Its Effect on M&A Transactions


Photo of John  McCauley, CIPP (US)

John McCauley’s article, "Treat Cybersecurity As A Risk Factor In M&A Due Diligence," was recently featured in The Indiana Lawyer. In his article, McCauley, who specializes in cybersecurity and privacy among other areas, discusses the importance of cybersecurity as it pertains to due diligence in merger and acquisition (M&A) transactions.

“When it comes to due diligence in M&A transactions, cybersecurity should be a primary consideration for companies in all industries,” McCauley says.

McCauley delves into staggering FBI statistics on ransomeware attacks, as well as responses to surveys from M&A practitioners regarding how important they consider cybersecurity to be in the M&A due diligence process, and how many acquirers discovered a cybersecurity problem after a deal went through.

In addition to McCauley's emphasis on the effect that a cybersecurity attack can have on the overall M&A due diligence process, he also talks about the high cost associated with data breaches, and what the acquiring company should look for in the target company’s cybersecurity practices. In fact, McCauley suggests that an analysis of a target company’s general technology system is not enough, instead, he says, “the acquiring company needs to dig deeper beyond the general technology systems in place in the target company and determine how secure the target’s data is and if it’s been compromised. The acquiring company should be asking the target company many questions about its cybersecurity practices.”

In this age of vast technology, cybersecurity plays a key role in every major aspect of business, and M&A is no exception.

You can read “Treat Cybersecurity as a Risk Factor in M&A Due Diligence” on The Indiana Lawyer website. 

Back to Page