Cyber Security & ICT Due Diligence Service

Cyber Security Due Diligence
Who is on your networks?

Issues:

In my experience, due diligence for investment, mergers and acquisitions tends to focus on the numbers (obviously), markets, product longevity, staff and normal “business factors”. ¬†Businesses today are so intrinsically dependent upon technology and global communications that carrying out due diligence on the technology infrastructure and cyber security posture is an essential element of the process if there are not to be unwelcome surprises.

Where I can help…

Under the cover of binding non-disclosure agreement, I will conduct an assessment of the target company in terms of:

1) Information Technology Infrastructure:

  • cost-effectiveness;
  • efficiency;
  • security;
  • life-expectancy;
  • usability;
  • manageability;
  • transition/integration risk.

2) Cyber Security Posture:

  • information security policy & implementation;
  • security architecture;
  • communications defences;
  • network defences;
  • intrusion defences;
  • standards compliance (PCI DSS, ISO 27001);
  • systems & network monitoring;
  • interoperability with other relevant entities;
  • transition/integration risk.

What I deliver…

For a medium-sized company (less than 2,500 staff) a short study will deliver a high level report detailing the strengths, weaknesses, opportunities and threats presented by the information technology infrastructure and cyber security posture of the target entity.  It will provide sufficient detail to make informed decisions on the acceptability of the risks presented by the target entity and make recommendations as to how relevant risks might be managed during the process of acquisition or integration.