63% Indian IT decision makers see cyber security as major M&A hurdle: study

Representative Image
Merger and acquisition (M&A) deals in India are most prone to cyber security threats in the IT (information technology) space, a study reveals.

About 63 per cent of IT decision makers (ITDM) out of the 372 respondents in India say that they experience wide-ranging cybersecurity challenges during M&A - one of the highest across the globe, according to a merger and acquisition (M&A) cybersecurity risk survey done by Forescout Technologies Inc, the leader in device visibility and control.

The study titled 'The Role of Cybersecurity in M&A Diligence', surveyed more than 2,700 ITDM and business leaders from United States, France, United Kingdom, Germany, Australia, Singapore, and India. The survey was conducted to examine the growing concern of cyber risks and the importance of cyber assessment during M&As and subsequent integration process.

About 53 per cent of Indian IT decision makers say they find unaccounted IoT (internet of things) and OT (operational technology) devices after completing the integration of a new acquisition.

“Many deals face a race to get across the finish line. Fifty four per cent of Indian respondents strongly agree that their IT team is given adequate time to review a targets’ cybersecurity standards, processes and protocols before completing an acquisition”, the report revealed.

The global research survey has discovered that 65 per cent of respondents experience buyers’ remorse after closing an M&A deal due to cybersecurity concerns.

According to the survey, 53 per cent of global respondents report that their organization has encountered a critical cybersecurity issue or incident during an M&A deal that put the deal into jeopardy.

“M&A initiatives are usually time-bound with discussions and negotiations often running at a much faster pace. The business dynamics often make the cybersecurity concerns go overlooked in the grand scheme of things. However, any unnoticed IT anomaly can either cause a breach immediately or later emerge as a vulnerability that gets exploited by cybercriminals. This makes cyber due diligence more imperative for M&A businesses than what they typically believe”, Ramsunder Papineni, Regional Director-India and SAARC, Forescout said.