Cyber Security check is must during a Merger and Acquisition
The year of 2016 experienced a lot of cyber-attacks including the large cyber-attack on Yahoo, where over 1 billion accounts were compromised. Consequently, Verizon asked for a discount before acquiring Yahoo due to the cyber-attack and that any further damage caused by the attack will be jointly shared. However, Verizon had to pay $350 million less to Yahoo. The moral of the story is that a company should do a cyber security check before acquiring/merging with another.
If a company does not do a cyber security due diligence, they can still be held responsible after the merge and be charged, face penalties, or lose reputation due to a data breach. Therefore, it is critical for example when A is purchasing B to perform a risk audit in order to assess financial and societal factors that might lead to a cyber-attack in the future. Moreover, certain industries are required to have a secure environment to protect user data and before merging or acquiring it, the purchase should be compliant with the standards. Expert help may be necessary to ensure that everything is in place before a purchase is done.
Source: Cybersecurity Insiders