EXECUTIVE SUMMARY:

Firms negotiating manufacturing mergers and acquisitions (M&As) should engage in cyber security due diligence reviews, but historically, they’ve fallen short. The implications are far-reaching.

Merging infrastructures that used to exist independently “often leads to manufacturers maintaining –at least initially- multiple identity repositories such as Active Directory (AD), which contain privileged access credentials, usernames, roles, groups, entitlements and more,” for example.

Retaining this type of data in multiple locations, and under divergent security systems creates security blind spots that cyber criminals eagerly take advantage of. These types of compromising cyber security gaps abound.

The status quo, where firms scrimp on or skip cyber security due diligence reviews, will have to change. From Q1 2019 to Q2 2019, industrial manufacturing mega deals reached valuation of $27.4 billion. In the ensuing months, manufacturing is estimated to be one of the largest sectors for fresh mergers and acquisitions.

“PE [private equity] firms are…capitalizing on how many family-run manufacturers are in the midst of a generational change in ownership.” Many within the new generation of manufacturing professionals would prefer to leave the management component to someone else.

In 2010, the US Department of Homeland Security issued 17 vulnerability advisories for manufacturers. In 2018, that number multiplied to 223, indicating just how prevalent cyberattacks really are within the industry.

Be sure that your digital data is not imperiled. Keep intruders out, avert catastrophe, and ensure that your investments will pay off. Read this story from Forbes for more information on cyber security within manufacturing M&As.