SlideShare a Scribd company logo

M&A security - E-crime Congress 2017

EQS Group
EQS Group

Solutions.Information Security During Mergers & Acquisitions: Issues, Safety Measures, and Need-to-Know Solutions. Information security risks and threats connected with mergers and acquisitions, which can include months of often precarious IT migrations and legacy services left exposed; how Cloud computing affects information security risks and threats during merger and acquisition activities, as well as the positive opportunities that they can offer; why Information Security should be involved in the early phases of due diligence, including the phases during which the deal is structured and the acquisition model is defined; a simple framework and actionable material.

Leadership & Management
1 of 82
Download to read offline
INFORMATION SECURITY DURING MERGERS & ACQUISITIONS Issues, Safety Measures and Need-to- Know Solutions Marco Ermini, 2017
WHY? ➤ Why does it need Cyber Security support? ➤ Aren’t they just ordinary business transactions? ➤ They seem to occur nearly every day, so what is so special about them that they require special security support, or any security support at all? ➤ What value does a security professional bring to the team? 2
THE ACADEMIC MINUTE… Black’s Law Dictionary defines mergers and acquisitions as the following: Merger: The union of two or more corporations by the transfer of property of all, to one of them, which continues in existence, the others being swallowed up or merged therein… Acquisition: The act of becoming the owner of a certain property… Divestiture: to deprive; to take away; to withdraw 3
THE ACADEMIC MINUTE… It is all about… 1. Costs Control, 2. Market Share, 3. Regulatory Landscape, & 4. Many Others 4
KEY BUSINESS DRIVERS ➤Confidentiality ➤Speed ➤Business as usual ➤Zero Impact ➤Informed Business Decision on Risk 5
WHY M&A FAIL? ➤ The acquiring company does not properly assess the value of the target company ➤ Inability of the acquiring company to successfully integrate the target company that leads to a failed acquisition “It is well known in the M&A community that most acquisitions fail to create shareholder value, that is, they end up as a negative sum after paying acquisition premium and banker fees, impossible to get synergies to make up loss. The acquisitions that do create value are either a version of corporate venture capital (large company scooping tiny team), or mid-cap industrials buying a supplier. Few and far between…“ 6
THE FOUR “C”S
THE FOUR CS ➤Capture ➤Connect ➤Combine ➤Consolidate 8
THREATS AND RESPONSE
SCOPING THE THREATS ➤ Special Interest Groups – gain from the Operation ➤ Financial Criminals ➤ Competitors ➤ Acquisition / Merger Company ➤ Disgruntled Employees ➤ General Interest Groups – gain from Impact ➤ Script Kiddies / Hackers ➤ Hacktivists / Terrorists ➤ Spies 10
SCOPING THE RISKS ➤ Publicity, raising profile — your interest gets attacker’s interest! ➤ Impact on: ➤ Resources ➤ Technologies ➤ Infrastructure ➤ Disgruntled Employees ➤ Change in threat and risk model ➤ Absorbing unknown / Confusion ➤ Creating new attack vectors and window of opportunity ➤ Business drivers can force this the Security Manager very quickly ➤ Are we all really equipped for change? 11
THE SECURITY MANAGER
THE ROLE OF A SECURITY MANAGER ➤ Protecting the effort itself ➤ Confidentiality of the total effort ➤ Confidentiality of the team’s work ➤ Evaluating the security condition of the target company ➤ Impact on the deal’s value ➤ Asking the right questions ➤ Providing subject matter expertise ➤ Identify Security Requirements for the New Company ➤ Controlling Rumors ➤ Managing Global/International Aspects ➤ “Team Consultant” ➤ Low Hanging Fruits 13
IMPORTANCE OF CONFIDENTIALITY ➤ Premature Disclosure of Intent ➤ Loss of key employees ➤ Bidding wars ➤ SEC Liability ➤ Loss of Initiative ➤ Loss of Goodwill ➤ Target Company ➤ 3rd Parties relationships ➤ Customer relationships 14
PROTECTING THE OPERATION ➤ Unintended Release ➤ Unauthorized Release ➤ Protection from competitive intelligence efforts ➤ Documents Control 15
THE SECURITY MANAGER IN ACTION ➤ Preliminary background investigations ➤ Collection of Open-Source information ➤ Due diligence ➤ More in-depth look ➤ Estimation of Costs of Cyber Security ➤ Operations security ➤ Protect operational activities ➤ Develop and implement protective measures ➤ Appropriate for each phase of the acquisition 16
PRELIMINARY WORK
HOW CAN I VERIFY AN M&A TARGET CANDIDATE? ➤You cannot explicitly test your acquisition’s candidate ➤You cannot simply ask them for their vulnerability assessments’ results ➤Not all companies have a structured and mature security program ➤You cannot silently test them either 18
EXTERNAL SOURCES ➤Professional Associations ➤Service Providers ➤Public (Open) Sources ➤Job Applications/Job Postings 19
HOW THAT DOES LOOK FOR REAL… 20
DUE DILIGENCE Toolkit: https://github.com/markoer73/M-A
“CAPTURE” OF SECURITY CONTROLS ➤ 13 Domains to verify 1. Digital Identities 2. Admin Accounts 3. Endpoints/Client Systems 4. Servers 5. Networks 6. Hosting 7. Email 8. Data Recovery 9. Boundary Defenses 10.Assets Inventory 11.Operational Security 12.Physical Security 13.Wireless Networks 22
EXAMPLE OF POLICY REQUIREMENT Domain Verification How-to Objectives Minimum Acceptable Level Digital Identities Verify status of identities in main identity store (use of unique IDs, generic accounts, password policy, Groups’ usage, GPOs, Federations, etc.). Verify if anything is outside of the main identity store (e.g. VPN accounts, Cloud accounts, supplier accounts, etc.).  Interview with IT admins from Target.  Snapshot of information from AD/LDAP.  Interview with business units which manage other tools (Cloud etc.), to understand how this is managed  Ensure appropriate controls are in place to protect Target environment and data  Get an idea of the complexity of the DI structure of the Target.  Understand usage of Cloud applications and identities.  Understand how restriction of access to information happens in Target.  There is a Directory Service  Unique IDs are used  Permissions are assigned via Groups in the Directory Service  Service and Cloud accounts are gathered, minimized, and under control  Sensitive files are shared in a secure way Admin Accounts Verify status of admin account management in main identity store, if managed there. Verify if anything is outside of the main identity store (e.g. VPN accounts, Cloud accounts, supplier accounts, etc.)  Interview with IT admins from Target.  Snapshot of information from AD/LDAP and other tools.  Ensure admin account controls are defined, implemented and reviewed to protect systems and data  Understand how IT administrative actions are performed, what the  Admin accounts are managed under a Directory Service  Admin accounts are unique for each admin  Central ownership of who gets appropriate rights  Process for removing rights as appropriate 23
EXAMPLE OF INTERVIEW QUESTIONS Domain Minimum Acceptable Level Key Topics for Discussion Digital Identities  Directory Services of any kind are used  Unique IDs are used  Permissions are assigned via Groups in the Directory Service  There is an adequate password policy in place  Service and Cloud accounts are gathered, minimized, and under control  Sensitive files are shared in a secure way  How many people are present in the company? Get overview of employees’ org chart/roles, and how many people are in IT and Security.  How old is the company? Get brief history, acquisitions, etc.  Which DS is used? (AD, which version?)  Get overview of Groups, GPOs, shared accounts, shared mailboxes, federated services, password policy (for AD, request screenshots).  Is every system and device connected to DS and follow password policy, or there are systems which have their own passwords (e.g. Wi-Fi, network devices, etc.)?  What is the process by which Group ownership, permissions and accesses to systems and applications are granted?  Get overview of Cloud services used and how accounts are managed, if SSO is used and how, especially concerning files and documents sharing with third parties.  Is Cloud Sharing such as Box, Dropbox etc. being used? Admin Accounts  Admin accounts are managed under a Directory Service  Admin accounts are unique for each admin  Central ownership of who gets appropriate rights  Process for removing rights as appropriate  Get overview of how administration is performed, if AD Groups and GPOs are used, if shared accounts and/or shared mailboxes are used for admin accounts  Understand how permissions are granted and removed from users as their work and function changes in the company 24
RISK ASSESSMENT ➤ Management Summary with a clear status ➤ Clearly indicate the area that will need additional attention ➤ Especially indicate where the additional costs will incur (e.g. new wireless equipment, re-imaging of the endpoints, reimplementation of firewall, etc.) 25
IMPACT ASSESSMENT➤ Indicate the kind of impact: ➤ Security ➤ Processes ➤ Costs ➤ Indicate expected remediation, aligned with IT ➤ If not possible to estimate costs immediately, indicate how they should be calculated (e.g. need to provision new firewall cluster) 26
SUMMARIZE FINDINGS ALIGNED WITH IT IN ONE SLIDE 27
COSTS ALIGNED WITH IT FOR THE INTEGRATION 28
CONNECT
STARTING TO WORK IN CLEAR SIGHT ➤ The news is out ➤ Information Completeness is paramount ➤ An Integration Plan is proposed ➤ Technical Integration ➤ Networks, PCs, applications, data centers, hosting… ➤ Business Processes and Systems ➤ Timing ➤ The Integration Plan must also negotiate from an “as-is” to a “to-be” state for the Target. 30
COMBINE
Target Characteristics Security Guidelines SLAs SMALL ➤ Small employee base (< 200 employees) ➤ Low complexity ➤ Private ownership ➤ Little to no geographical diversity ➤ No separate legal entities ➤ No/limited need to keep the same facilities ➤ No/limited to keep the existing technologies ➤ Purchased for limited product portfolio, technology, talent, or local presence ➤ Baseline security controls Target is fully absorbed into IT infrastructure ➤ All IT labor is absorbed into IT global business units ➤ Security controls established or confirmed in less than 100 days MEDIUM ➤ Similar to previous kind, but Target has certain identifiable complexities that require specific sensitivity during integration ➤ Fewer than 500 employees ➤ Needs to be stand-alone for a certain period of time ➤ During stand-alone time, Target maintains defined non- compliances ➤ Supports its own IT infrastructure during the stand-alone phase ➤ Integration of Target may be full, hybrid, or standalone ➤ All IT labor is absorbed into IT global business units ➤ Operation integration of some IT infrastructure may take +180 days ➤ Processes may take 3 to 9 months LARGE ➤ More than 500 employees ➤ Relatively large operations ➤ Significant multinational presence and subsidiaries ➤ Target contains certain identifiable complexities that require specific sensitivity during integration ➤ Integration of Target may be full, hybrid, or standalone ➤ IT labor can stay funded by Target company ➤ Operation integration of some IT infrastructure may take +180 days ➤ Customized integration plan ➤ IT Support is shared ➤ Processes take more than 12 months 32
COMBINING THE TWO COMPANIES ➤ Resources, staffing, processes, and systems are combined ➤ Business processes are as much as possible leveled ➤ IT tools are unified ➤ Active Directory merging strategy is key! ➤ The Target company has comparable / same security ➤ Exceptions are documented and signed off by leadership (executives, CISO) ➤ Agreed-upon designs are implemented ➤ Operations — including InfoSec – are turned to standard support ➤ Weekly or recurring meetings can be setup to assess progresses 33
PLANNING THE ACTIVE DIRECTORY INTEGRATION ➤ Training for the technicians performing the migration ➤ Scheduled outages ➤ Companies’ cultural differences such as who's allowed access to AD and Exchange, or how file system security is set ➤ Network differences between the two sites ➤ Network, AD, or Exchange anomalies ➤ Customer and employee communication 34
PAIN POINTS IN ACTIVE DIRECTORY INTEGRATION ➤ Deciding the strategy ➤ Integrate the Target into the Acquiring ➤ Build a new, combined AD ➤ Migrate legacy objects into a new AD ➤ One Company, One Email! ➤ Free/Busy Information ➤ Exchange/Lync/Office/AD versions ➤ Office 365? ➤ External Federations/Partners/ADFS? ➤ DNS configuration/forwarding ➤ SID history/filtering ➤ Evaluate purchase of a dedicated AD migration/upgrade tool 35
ADJUSTING POLICIES
MERGING POLICIES • Safeguards against disgruntled employees • New employee contracts • Are existing Policies still relevant? • Are we “dumbing down” their security? • Existing employee contracts • Do they protect you? • Do they meet new relationship? • Identify key policies — yours vs theirs • Work with Legal Departments 37
MERGING INFOSEC
THE NEW SECURITY DEPARTMENT ➤ Cost/Budgeting ➤ Pre-merger: OpEx ➤ Merger: CapEx, Processes ➤ Post-merger: Optimization ➤ Communications 39
WHAT IF I AM ON THE WEAK SIDE? 1. Identify specific strengths that can be useful in the merging ➤ Experience from security incidents ➤ Technological implementations ➤ Local knowledge and compliance 2. Be prepared to learn ➤ What is the current Cyber Security philosophy? ➤ Who is taking security-related decisions? 3. Don’t rush your career decisions ➤ Can bring new opportunities ➤ Meet the new management 40
LEVERAGING THE CLOUD
CLOUD EMAIL GATEWAYS 42
SAAS WAF/CDN 43
MOVING TO A CLOUD-BASED ERP OR EMAIL SOLUTION 44 ➤ Traditional M&A dogma is “transition, then transform” ➤ Companies however are leveraging migration to key technologies to the Cloud during the M&A process as an enabler ➤ Can simultaneously replace aging, capital-intensive technology with a subscription-based operating model ➤ Ideal also for divestitures ➤ Boarding is considerably faster and cheaper than traditional on-premise solutions (Accenture estimate: 30% for both) ➤ Ultimate flexibility during a post-deal transition
BACKUP SLIDES: OPEN SOURCE INFORMATION GATHERING
OPEN SOURCE INTELLIGENCE ➤ Collection of free tools and source of information ➤ They divide into ➤ Tools which can run locally ➤ Search Engine “dorking” (e.g. Google hacking) ➤ Semi-closed sources ➤ Exploitation of sites which have originally other purposes (e.g. social networks, dating sites…) 46
METASPLOIT RECON-NG 47
FOCA SEARCH 48
JOB POSTING’S HARVESTING 49
JOB POSTING’S HARVESTING 50
JOB INTERVIEWS’ HARVESTING 51
ROBTEX.COM 52
ROBTEX.COM 53
HARVESTING OF CORPORATE EMAILS 54
GATHERING OF DOMAIN NAMES 55
GATHERING OF DOMAIN NAMES 56
OLD (AND NEW) FASHION SCANNING 57
MALTEGO 58
MALTEGO 59
MALTEGO 60
MALTEGO 61
MALTEGO 62
MALTEGO 63
NMAP 64
CENSYS.IO (SEMI-FREE) ➤ Parsing and collection of various publically-available information ➤ Example: certificates ➤ SSLVPN in France and Munich ➤ Date Center presence in Munich, San Diego, Sydney ➤ Demo-site of Hybrid (e- commerce technology) ➤ Using Akamai services in Sydney 65
CENSYS.IO - GEOLOCATION 66
SHODAN.IO 67
VIPS “DORKING” 68
VIPS “DORKING” 69
VIPS “DORKING” 70
VIPS “DORKING” 71
CYBERSECURITY RATINGS FIRMS 72
CYBERSECURITY RATINGS FIRMS 73
CYBERSECURITY RATINGS FIRMS 74
CYBERSECURITY RATINGS FIRMS 75
CYBERSECURITY RATINGS FIRMS 76
DATA BREACHES 77
CYBERSECURITY RATINGS FIRMS 78
CYBERSECURITY RATINGS FIRMS 79
CYBERSECURITY RATINGS FIRMS 80
CYBERSECURITY RATINGS FIRMS 81
THANK YOU!Marco Ermini, 2017

Recommended

Mergers & Acquisitions security - (ISC)2 Secure Summit DACH
Mergers & Acquisitions security - (ISC)2 Secure Summit DACHMergers & Acquisitions security - (ISC)2 Secure Summit DACH
Mergers & Acquisitions security - (ISC)2 Secure Summit DACHEQS Group
 
Mergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMatthew Rosenquist
 
Chapter 12 iso 27001 awareness
Chapter 12 iso 27001 awarenessChapter 12 iso 27001 awareness
Chapter 12 iso 27001 awarenessnewbie2019
 
Simplifying the data privacy governance quagmire building automated privacy ...
Simplifying the data privacy governance quagmire building automated privacy ...Simplifying the data privacy governance quagmire building automated privacy ...
Simplifying the data privacy governance quagmire building automated privacy ...Avinash Ramineni
 
The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)PECB
 
Cybersecurity solution-guide
Cybersecurity solution-guideCybersecurity solution-guide
Cybersecurity solution-guideAdilsonSuende
 
Cybertopicsecurity_3
Cybertopicsecurity_3Cybertopicsecurity_3
Cybertopicsecurity_3Anne Starr
 
Information Security Benchmarking 2015
Information Security Benchmarking 2015Information Security Benchmarking 2015
Information Security Benchmarking 2015Capgemini
 

Recommended

Mergers & Acquisitions security - (ISC)2 Secure Summit DACH
Mergers & Acquisitions security - (ISC)2 Secure Summit DACHMergers & Acquisitions security - (ISC)2 Secure Summit DACH
Mergers & Acquisitions security - (ISC)2 Secure Summit DACHEQS Group
 
Mergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMatthew Rosenquist
 
Chapter 12 iso 27001 awareness
Chapter 12 iso 27001 awarenessChapter 12 iso 27001 awareness
Chapter 12 iso 27001 awarenessnewbie2019
 
Simplifying the data privacy governance quagmire building automated privacy ...
Simplifying the data privacy governance quagmire building automated privacy ...Simplifying the data privacy governance quagmire building automated privacy ...
Simplifying the data privacy governance quagmire building automated privacy ...Avinash Ramineni
 
The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)The Next Generation of Security Operations Centre (SOC)
The Next Generation of Security Operations Centre (SOC)PECB
 
Cybersecurity solution-guide
Cybersecurity solution-guideCybersecurity solution-guide
Cybersecurity solution-guideAdilsonSuende
 
Cybertopicsecurity_3
Cybertopicsecurity_3Cybertopicsecurity_3
Cybertopicsecurity_3Anne Starr
 
Information Security Benchmarking 2015
Information Security Benchmarking 2015Information Security Benchmarking 2015
Information Security Benchmarking 2015Capgemini
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesKrist Davood - Principal - CIO
 
Cybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSCybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSJohn Gilligan
 
Fadi Mutlak - Information security governance
Fadi Mutlak - Information security governanceFadi Mutlak - Information security governance
Fadi Mutlak - Information security governancenooralmousa
 
Dealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDonald Tabone
 
Cybertopic_1security
Cybertopic_1securityCybertopic_1security
Cybertopic_1securityAnne Starr
 
Cissp- Security and Risk Management
Cissp- Security and Risk ManagementCissp- Security and Risk Management
Cissp- Security and Risk ManagementHamed Moghaddam
 
Identifying Code Risks in Software M&A
Identifying Code Risks in Software M&AIdentifying Code Risks in Software M&A
Identifying Code Risks in Software M&AMatt Tortora
 
Protecting the Crown Jewels – Enlist the Beefeaters
Protecting the Crown Jewels – Enlist the BeefeatersProtecting the Crown Jewels – Enlist the Beefeaters
Protecting the Crown Jewels – Enlist the BeefeatersJack Nichelson
 
Protective Intelligence
Protective IntelligenceProtective Intelligence
Protective Intelligencewbesse
 
GSA's Presentation on Improving Cyber Security Through Acquisition
GSA's Presentation on Improving Cyber Security Through AcquisitionGSA's Presentation on Improving Cyber Security Through Acquisition
GSA's Presentation on Improving Cyber Security Through AcquisitionGovernment Technology and Services Coalition
 
Cybersecurity Best Practices in Financial Services
Cybersecurity Best Practices in Financial ServicesCybersecurity Best Practices in Financial Services
Cybersecurity Best Practices in Financial ServicesJohn Rapa
 
New technologies - Amer Haza'a
New technologies - Amer Haza'aNew technologies - Amer Haza'a
New technologies - Amer Haza'aFahmi Albaheth
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...IBM Security
 
Risk Management Approach to Cyber Security
Risk Management Approach to Cyber Security Risk Management Approach to Cyber Security
Risk Management Approach to Cyber Security Ernest Staats
 
Cybersecurity Goverence for Boards of Directors
Cybersecurity Goverence for Boards of DirectorsCybersecurity Goverence for Boards of Directors
Cybersecurity Goverence for Boards of DirectorsPaul Feldman
 
Five Essential Enterprise Architecture Practices to Create the Security-Aware...
Five Essential Enterprise Architecture Practices to Create the Security-Aware...Five Essential Enterprise Architecture Practices to Create the Security-Aware...
Five Essential Enterprise Architecture Practices to Create the Security-Aware...UBM_Design_Central
 
002.itsecurity bcp v1
002.itsecurity bcp v1002.itsecurity bcp v1
002.itsecurity bcp v1Mohammad Ashfaqur Rahman
 
CISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security ConceptsCISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security ConceptsKarthikeyan Dhayalan
 
Information Security Management. Security solutions copy
Information Security Management. Security solutions copyInformation Security Management. Security solutions copy
Information Security Management. Security solutions copyyuliana_mar
 
Business case for information security program
Business case for information security programBusiness case for information security program
Business case for information security programWilliam Godwin
 
M&A Framework for Success - short
M&A Framework for Success - shortM&A Framework for Success - short
M&A Framework for Success - shortSteve Coote
 
Merger & Acquisition integration
Merger & Acquisition integrationMerger & Acquisition integration
Merger & Acquisition integrationYves Zieba
 

More Related Content

What's hot

Cybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSCybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSJohn Gilligan
 
Fadi Mutlak - Information security governance
Fadi Mutlak - Information security governanceFadi Mutlak - Information security governance
Fadi Mutlak - Information security governancenooralmousa
 
Dealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDonald Tabone
 
Cybertopic_1security
Cybertopic_1securityCybertopic_1security
Cybertopic_1securityAnne Starr
 
Cissp- Security and Risk Management
Cissp- Security and Risk ManagementCissp- Security and Risk Management
Cissp- Security and Risk ManagementHamed Moghaddam
 
Identifying Code Risks in Software M&A
Identifying Code Risks in Software M&AIdentifying Code Risks in Software M&A
Identifying Code Risks in Software M&AMatt Tortora
 
Protecting the Crown Jewels – Enlist the Beefeaters
Protecting the Crown Jewels – Enlist the BeefeatersProtecting the Crown Jewels – Enlist the Beefeaters
Protecting the Crown Jewels – Enlist the BeefeatersJack Nichelson
 
Protective Intelligence
Protective IntelligenceProtective Intelligence
Protective Intelligencewbesse
 
Cybersecurity Best Practices in Financial Services
Cybersecurity Best Practices in Financial ServicesCybersecurity Best Practices in Financial Services
Cybersecurity Best Practices in Financial ServicesJohn Rapa
 
New technologies - Amer Haza'a
New technologies - Amer Haza'aNew technologies - Amer Haza'a
New technologies - Amer Haza'aFahmi Albaheth
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...IBM Security
 
Risk Management Approach to Cyber Security
Risk Management Approach to Cyber Security Risk Management Approach to Cyber Security
Risk Management Approach to Cyber Security Ernest Staats
 
Cybersecurity Goverence for Boards of Directors
Cybersecurity Goverence for Boards of DirectorsCybersecurity Goverence for Boards of Directors
Cybersecurity Goverence for Boards of DirectorsPaul Feldman
 
Five Essential Enterprise Architecture Practices to Create the Security-Aware...
Five Essential Enterprise Architecture Practices to Create the Security-Aware...Five Essential Enterprise Architecture Practices to Create the Security-Aware...
Five Essential Enterprise Architecture Practices to Create the Security-Aware...UBM_Design_Central
 
CISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security ConceptsCISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security ConceptsKarthikeyan Dhayalan
 
Information Security Management. Security solutions copy
Information Security Management. Security solutions copyInformation Security Management. Security solutions copy
Information Security Management. Security solutions copyyuliana_mar
 
Business case for information security program
Business case for information security programBusiness case for information security program
Business case for information security programWilliam Godwin
 

What's hot (20)

Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
 
Cybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHSCybersecurity Priorities and Roadmap: Recommendations to DHS
Cybersecurity Priorities and Roadmap: Recommendations to DHS
 
Fadi Mutlak - Information security governance
Fadi Mutlak - Information security governanceFadi Mutlak - Information security governance
Fadi Mutlak - Information security governance
 
Dealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber Resilience
 
Cybertopic_1security
Cybertopic_1securityCybertopic_1security
Cybertopic_1security
 
Cissp- Security and Risk Management
Cissp- Security and Risk ManagementCissp- Security and Risk Management
Cissp- Security and Risk Management
 
Identifying Code Risks in Software M&A
Identifying Code Risks in Software M&AIdentifying Code Risks in Software M&A
Identifying Code Risks in Software M&A
 
Protecting the Crown Jewels – Enlist the Beefeaters
Protecting the Crown Jewels – Enlist the BeefeatersProtecting the Crown Jewels – Enlist the Beefeaters
Protecting the Crown Jewels – Enlist the Beefeaters
 
Protective Intelligence
Protective IntelligenceProtective Intelligence
Protective Intelligence
 
GSA's Presentation on Improving Cyber Security Through Acquisition
GSA's Presentation on Improving Cyber Security Through AcquisitionGSA's Presentation on Improving Cyber Security Through Acquisition
GSA's Presentation on Improving Cyber Security Through Acquisition
 
Cybersecurity Best Practices in Financial Services
Cybersecurity Best Practices in Financial ServicesCybersecurity Best Practices in Financial Services
Cybersecurity Best Practices in Financial Services
 
New technologies - Amer Haza'a
New technologies - Amer Haza'aNew technologies - Amer Haza'a
New technologies - Amer Haza'a
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
 
Risk Management Approach to Cyber Security
Risk Management Approach to Cyber Security Risk Management Approach to Cyber Security
Risk Management Approach to Cyber Security
 
Cybersecurity Goverence for Boards of Directors
Cybersecurity Goverence for Boards of DirectorsCybersecurity Goverence for Boards of Directors
Cybersecurity Goverence for Boards of Directors
 
Five Essential Enterprise Architecture Practices to Create the Security-Aware...
Five Essential Enterprise Architecture Practices to Create the Security-Aware...Five Essential Enterprise Architecture Practices to Create the Security-Aware...
Five Essential Enterprise Architecture Practices to Create the Security-Aware...
 
002.itsecurity bcp v1
002.itsecurity bcp v1002.itsecurity bcp v1
002.itsecurity bcp v1
 
CISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security ConceptsCISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security Concepts
 
Information Security Management. Security solutions copy
Information Security Management. Security solutions copyInformation Security Management. Security solutions copy
Information Security Management. Security solutions copy
 
Business case for information security program
Business case for information security programBusiness case for information security program
Business case for information security program
 

Viewers also liked

M&A Framework for Success - short
M&A Framework for Success - shortM&A Framework for Success - short
M&A Framework for Success - shortSteve Coote
 
Merger & Acquisition integration
Merger & Acquisition integrationMerger & Acquisition integration
Merger & Acquisition integrationYves Zieba
 
Improving cyber-security through acquisition
Improving cyber-security through acquisitionImproving cyber-security through acquisition
Improving cyber-security through acquisitionChristopher Dorobek
 
Mergers &amp; Acquisitions in High Tech Industry
Mergers &amp; Acquisitions in High Tech IndustryMergers &amp; Acquisitions in High Tech Industry
Mergers &amp; Acquisitions in High Tech IndustryAbhishek Breja
 
Post-acquisition integration (cross-border case)
Post-acquisition integration (cross-border case)Post-acquisition integration (cross-border case)
Post-acquisition integration (cross-border case)Virgilijus Dadonas
 
Creating A Due Diligence Framework
Creating A Due Diligence Framework Creating A Due Diligence Framework
Creating A Due Diligence Framework Now Dentons
 
Due Diligence Best Practices and Pitfalls
Due Diligence Best Practices and PitfallsDue Diligence Best Practices and Pitfalls
Due Diligence Best Practices and PitfallsFirmex
 
Due Diligence for Merger & Acquisition, Corporate Restructuring and Takeover
Due Diligence for Merger & Acquisition, Corporate Restructuring and TakeoverDue Diligence for Merger & Acquisition, Corporate Restructuring and Takeover
Due Diligence for Merger & Acquisition, Corporate Restructuring and TakeoverPavan Kumar Vijay
 
P&G’s Acquisition of Gillette
P&G’s Acquisition of GilletteP&G’s Acquisition of Gillette
P&G’s Acquisition of GilletteSanjaya Sanjaya
 

Viewers also liked (9)

M&A Framework for Success - short
M&A Framework for Success - shortM&A Framework for Success - short
M&A Framework for Success - short
 
Merger & Acquisition integration
Merger & Acquisition integrationMerger & Acquisition integration
Merger & Acquisition integration
 
Improving cyber-security through acquisition
Improving cyber-security through acquisitionImproving cyber-security through acquisition
Improving cyber-security through acquisition
 
Mergers &amp; Acquisitions in High Tech Industry
Mergers &amp; Acquisitions in High Tech IndustryMergers &amp; Acquisitions in High Tech Industry
Mergers &amp; Acquisitions in High Tech Industry
 
Post-acquisition integration (cross-border case)
Post-acquisition integration (cross-border case)Post-acquisition integration (cross-border case)
Post-acquisition integration (cross-border case)
 
Creating A Due Diligence Framework
Creating A Due Diligence Framework Creating A Due Diligence Framework
Creating A Due Diligence Framework
 
Due Diligence Best Practices and Pitfalls
Due Diligence Best Practices and PitfallsDue Diligence Best Practices and Pitfalls
Due Diligence Best Practices and Pitfalls
 
Due Diligence for Merger & Acquisition, Corporate Restructuring and Takeover
Due Diligence for Merger & Acquisition, Corporate Restructuring and TakeoverDue Diligence for Merger & Acquisition, Corporate Restructuring and Takeover
Due Diligence for Merger & Acquisition, Corporate Restructuring and Takeover
 
P&G’s Acquisition of Gillette
P&G’s Acquisition of GilletteP&G’s Acquisition of Gillette
P&G’s Acquisition of Gillette
 

Similar to M&A security - E-crime Congress 2017

2013 12 18 webcast - building the privileged identity management business case
2013 12 18 webcast - building the privileged identity management business case2013 12 18 webcast - building the privileged identity management business case
2013 12 18 webcast - building the privileged identity management business casepmcbrideva1
 
The Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDThe Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDEryk Budi Pratama
 
Security in Mergers and Acquisitions - NTT Security - Miriam Levenstein
Security in Mergers and Acquisitions - NTT Security - Miriam LevensteinSecurity in Mergers and Acquisitions - NTT Security - Miriam Levenstein
Security in Mergers and Acquisitions - NTT Security - Miriam LevensteinMiriam L
 
User management - the next-gen of authentication meetup 27012022
User management - the next-gen of authentication meetup 27012022User management - the next-gen of authentication meetup 27012022
User management - the next-gen of authentication meetup 27012022lior mazor
 
ZSAH Security - Web
ZSAH Security - WebZSAH Security - Web
ZSAH Security - WebFahd Khan
 
Rothke rsa 2013 - deployment strategies for effective encryption
Rothke rsa 2013 - deployment strategies for effective encryptionRothke rsa 2013 - deployment strategies for effective encryption
Rothke rsa 2013 - deployment strategies for effective encryptionBen Rothke
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityKaryl Scott
 
Charting Your Path to Enterprise Key Management
Charting Your Path to Enterprise Key ManagementCharting Your Path to Enterprise Key Management
Charting Your Path to Enterprise Key ManagementSafeNet
 
Ciso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data securityCiso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data securityPriyanka Aash
 
Security Ops for large and small companies
Security Ops for large and small companiesSecurity Ops for large and small companies
Security Ops for large and small companiesMona Arkhipova
 
SIEM evaluator guide for soc analyst
SIEM evaluator guide for soc analystSIEM evaluator guide for soc analyst
SIEM evaluator guide for soc analystInfosecTrain
 
f6_cyber_security_and_your_agency.pdf
f6_cyber_security_and_your_agency.pdff6_cyber_security_and_your_agency.pdf
f6_cyber_security_and_your_agency.pdfSurendhar57
 
Securing The Reality of Multiple Cloud Apps: Pandora's Story
Securing The Reality of Multiple Cloud Apps: Pandora's StorySecuring The Reality of Multiple Cloud Apps: Pandora's Story
Securing The Reality of Multiple Cloud Apps: Pandora's StoryCloudLock
 
Security Strategies for Success
Security Strategies for SuccessSecurity Strategies for Success
Security Strategies for SuccessCitrix
 
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoftHow Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoftOSIsoft, LLC
 
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfJustinBrown267905
 
Insights into cyber security and risk
Insights into cyber security and riskInsights into cyber security and risk
Insights into cyber security and riskEY
 
Information protection and compliance
Information protection and complianceInformation protection and compliance
Information protection and complianceDean Iacovelli
 
Biznesa infrastruktūras un datu drošības juridiskie aspekti
Biznesa infrastruktūras un datu drošības juridiskie aspektiBiznesa infrastruktūras un datu drošības juridiskie aspekti
Biznesa infrastruktūras un datu drošības juridiskie aspektiebuc
 

Similar to M&A security - E-crime Congress 2017 (20)

2013 12 18 webcast - building the privileged identity management business case
2013 12 18 webcast - building the privileged identity management business case2013 12 18 webcast - building the privileged identity management business case
2013 12 18 webcast - building the privileged identity management business case
 
The Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDThe Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA ID
 
Security in Mergers and Acquisitions - NTT Security - Miriam Levenstein
Security in Mergers and Acquisitions - NTT Security - Miriam LevensteinSecurity in Mergers and Acquisitions - NTT Security - Miriam Levenstein
Security in Mergers and Acquisitions - NTT Security - Miriam Levenstein
 
User management - the next-gen of authentication meetup 27012022
User management - the next-gen of authentication meetup 27012022User management - the next-gen of authentication meetup 27012022
User management - the next-gen of authentication meetup 27012022
 
ZSAH Security - Web
ZSAH Security - WebZSAH Security - Web
ZSAH Security - Web
 
Rothke rsa 2013 - deployment strategies for effective encryption
Rothke rsa 2013 - deployment strategies for effective encryptionRothke rsa 2013 - deployment strategies for effective encryption
Rothke rsa 2013 - deployment strategies for effective encryption
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber Security
 
Charting Your Path to Enterprise Key Management
Charting Your Path to Enterprise Key ManagementCharting Your Path to Enterprise Key Management
Charting Your Path to Enterprise Key Management
 
Ciso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data securityCiso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data security
 
Security Ops for large and small companies
Security Ops for large and small companiesSecurity Ops for large and small companies
Security Ops for large and small companies
 
SIEM evaluator guide for soc analyst
SIEM evaluator guide for soc analystSIEM evaluator guide for soc analyst
SIEM evaluator guide for soc analyst
 
f6_cyber_security_and_your_agency.pdf
f6_cyber_security_and_your_agency.pdff6_cyber_security_and_your_agency.pdf
f6_cyber_security_and_your_agency.pdf
 
Securing The Reality of Multiple Cloud Apps: Pandora's Story
Securing The Reality of Multiple Cloud Apps: Pandora's StorySecuring The Reality of Multiple Cloud Apps: Pandora's Story
Securing The Reality of Multiple Cloud Apps: Pandora's Story
 
Value Stories - 3rd issue - April 2019
Value Stories - 3rd issue - April 2019Value Stories - 3rd issue - April 2019
Value Stories - 3rd issue - April 2019
 
Security Strategies for Success
Security Strategies for SuccessSecurity Strategies for Success
Security Strategies for Success
 
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoftHow Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
 
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
 
Insights into cyber security and risk
Insights into cyber security and riskInsights into cyber security and risk
Insights into cyber security and risk
 
Information protection and compliance
Information protection and complianceInformation protection and compliance
Information protection and compliance
 
Biznesa infrastruktūras un datu drošības juridiskie aspekti
Biznesa infrastruktūras un datu drošības juridiskie aspektiBiznesa infrastruktūras un datu drošības juridiskie aspekti
Biznesa infrastruktūras un datu drošības juridiskie aspekti
 

More from EQS Group

Blockchain: everyone wants to sell me that - but is that really right for my ...
Blockchain: everyone wants to sell me that - but is that really right for my ...Blockchain: everyone wants to sell me that - but is that really right for my ...
Blockchain: everyone wants to sell me that - but is that really right for my ...EQS Group
 
Impact of GDPR on Third Party and M&A Security
Impact of GDPR on Third Party and M&A SecurityImpact of GDPR on Third Party and M&A Security
Impact of GDPR on Third Party and M&A SecurityEQS Group
 
Architecting Security across global networks
Architecting Security across global networksArchitecting Security across global networks
Architecting Security across global networksEQS Group
 
313 – Security Challenges in Healthcare IoT - ME
313 – Security Challenges in Healthcare IoT - ME313 – Security Challenges in Healthcare IoT - ME
313 – Security Challenges in Healthcare IoT - MEEQS Group
 
Achieving PCI-DSS compliance with network security implementations - April 2011
Achieving PCI-DSS compliance with network security implementations - April 2011Achieving PCI-DSS compliance with network security implementations - April 2011
Achieving PCI-DSS compliance with network security implementations - April 2011EQS Group
 
Top risks in using NIPS - Brighttalk - July 2010
Top risks in using NIPS - Brighttalk - July 2010Top risks in using NIPS - Brighttalk - July 2010
Top risks in using NIPS - Brighttalk - July 2010EQS Group
 
Best practices in NIPS - IDC Sofia - March 2010
Best practices in NIPS - IDC Sofia - March 2010Best practices in NIPS - IDC Sofia - March 2010
Best practices in NIPS - IDC Sofia - March 2010EQS Group
 
Best practices in NIPS - Brighttalk - January 2010
Best practices in NIPS - Brighttalk - January 2010Best practices in NIPS - Brighttalk - January 2010
Best practices in NIPS - Brighttalk - January 2010EQS Group
 

More from EQS Group (8)

Blockchain: everyone wants to sell me that - but is that really right for my ...
Blockchain: everyone wants to sell me that - but is that really right for my ...Blockchain: everyone wants to sell me that - but is that really right for my ...
Blockchain: everyone wants to sell me that - but is that really right for my ...
 
Impact of GDPR on Third Party and M&A Security
Impact of GDPR on Third Party and M&A SecurityImpact of GDPR on Third Party and M&A Security
Impact of GDPR on Third Party and M&A Security
 
Architecting Security across global networks
Architecting Security across global networksArchitecting Security across global networks
Architecting Security across global networks
 
313 – Security Challenges in Healthcare IoT - ME
313 – Security Challenges in Healthcare IoT - ME313 – Security Challenges in Healthcare IoT - ME
313 – Security Challenges in Healthcare IoT - ME
 
Achieving PCI-DSS compliance with network security implementations - April 2011
Achieving PCI-DSS compliance with network security implementations - April 2011Achieving PCI-DSS compliance with network security implementations - April 2011
Achieving PCI-DSS compliance with network security implementations - April 2011
 
Top risks in using NIPS - Brighttalk - July 2010
Top risks in using NIPS - Brighttalk - July 2010Top risks in using NIPS - Brighttalk - July 2010
Top risks in using NIPS - Brighttalk - July 2010
 
Best practices in NIPS - IDC Sofia - March 2010
Best practices in NIPS - IDC Sofia - March 2010Best practices in NIPS - IDC Sofia - March 2010
Best practices in NIPS - IDC Sofia - March 2010
 
Best practices in NIPS - Brighttalk - January 2010
Best practices in NIPS - Brighttalk - January 2010Best practices in NIPS - Brighttalk - January 2010
Best practices in NIPS - Brighttalk - January 2010
 

Recently uploaded

ANIn Gurugram April 2024 |Can Agile and AI work together? by Pramodkumar Shri...
ANIn Gurugram April 2024 |Can Agile and AI work together? by Pramodkumar Shri...ANIn Gurugram April 2024 |Can Agile and AI work together? by Pramodkumar Shri...
ANIn Gurugram April 2024 |Can Agile and AI work together? by Pramodkumar Shri...AgileNetwork
 
Unlocking Productivity and Personal Growth through the Importance-Urgency Matrix
Unlocking Productivity and Personal Growth through the Importance-Urgency MatrixUnlocking Productivity and Personal Growth through the Importance-Urgency Matrix
Unlocking Productivity and Personal Growth through the Importance-Urgency MatrixCIToolkit
 
Simplifying Complexity: How the Four-Field Matrix Reshapes Thinking
Simplifying Complexity: How the Four-Field Matrix Reshapes ThinkingSimplifying Complexity: How the Four-Field Matrix Reshapes Thinking
Simplifying Complexity: How the Four-Field Matrix Reshapes ThinkingCIToolkit
 
Board Diversity Initiaive Launch Presentation
Board Diversity Initiaive Launch PresentationBoard Diversity Initiaive Launch Presentation
Board Diversity Initiaive Launch Presentationcraig524401
 
LPC Operations Review PowerPoint | Operations Review
LPC Operations Review PowerPoint | Operations ReviewLPC Operations Review PowerPoint | Operations Review
LPC Operations Review PowerPoint | Operations Reviewthomas851723
 
LPC Warehouse Management System For Clients In The Business Sector
LPC Warehouse Management System For Clients In The Business SectorLPC Warehouse Management System For Clients In The Business Sector
LPC Warehouse Management System For Clients In The Business Sectorthomas851723
 
Pooja Mehta 9167673311, Trusted Call Girls In NAVI MUMBAI Cash On Payment , V...
Pooja Mehta 9167673311, Trusted Call Girls In NAVI MUMBAI Cash On Payment , V...Pooja Mehta 9167673311, Trusted Call Girls In NAVI MUMBAI Cash On Payment , V...
Pooja Mehta 9167673311, Trusted Call Girls In NAVI MUMBAI Cash On Payment , V...Pooja Nehwal
 
Fifteenth Finance Commission Presentation
Fifteenth Finance Commission PresentationFifteenth Finance Commission Presentation
Fifteenth Finance Commission Presentationmintusiprd
 
Reflecting, turning experience into insight
Reflecting, turning experience into insightReflecting, turning experience into insight
Reflecting, turning experience into insightWayne Abrahams
 
VIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With Room
VIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With RoomVIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With Room
VIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With Roomdivyansh0kumar0
 
Introduction to LPC - Facility Design And Re-Engineering
Introduction to LPC - Facility Design And Re-EngineeringIntroduction to LPC - Facility Design And Re-Engineering
Introduction to LPC - Facility Design And Re-Engineeringthomas851723
 

Recently uploaded (13)

ANIn Gurugram April 2024 |Can Agile and AI work together? by Pramodkumar Shri...
ANIn Gurugram April 2024 |Can Agile and AI work together? by Pramodkumar Shri...ANIn Gurugram April 2024 |Can Agile and AI work together? by Pramodkumar Shri...
ANIn Gurugram April 2024 |Can Agile and AI work together? by Pramodkumar Shri...
 
Unlocking Productivity and Personal Growth through the Importance-Urgency Matrix
Unlocking Productivity and Personal Growth through the Importance-Urgency MatrixUnlocking Productivity and Personal Growth through the Importance-Urgency Matrix
Unlocking Productivity and Personal Growth through the Importance-Urgency Matrix
 
Call Girls Service Tilak Nagar @9999965857 Delhi 🫦 No Advance VVIP 🍎 SERVICE
Call Girls Service Tilak Nagar @9999965857 Delhi 🫦 No Advance VVIP 🍎 SERVICECall Girls Service Tilak Nagar @9999965857 Delhi 🫦 No Advance VVIP 🍎 SERVICE
Call Girls Service Tilak Nagar @9999965857 Delhi 🫦 No Advance VVIP 🍎 SERVICE
 
sauth delhi call girls in Defence Colony🔝 9953056974 🔝 escort Service
sauth delhi call girls in Defence Colony🔝 9953056974 🔝 escort Servicesauth delhi call girls in Defence Colony🔝 9953056974 🔝 escort Service
sauth delhi call girls in Defence Colony🔝 9953056974 🔝 escort Service
 
Simplifying Complexity: How the Four-Field Matrix Reshapes Thinking
Simplifying Complexity: How the Four-Field Matrix Reshapes ThinkingSimplifying Complexity: How the Four-Field Matrix Reshapes Thinking
Simplifying Complexity: How the Four-Field Matrix Reshapes Thinking
 
Board Diversity Initiaive Launch Presentation
Board Diversity Initiaive Launch PresentationBoard Diversity Initiaive Launch Presentation
Board Diversity Initiaive Launch Presentation
 
LPC Operations Review PowerPoint | Operations Review
LPC Operations Review PowerPoint | Operations ReviewLPC Operations Review PowerPoint | Operations Review
LPC Operations Review PowerPoint | Operations Review
 
LPC Warehouse Management System For Clients In The Business Sector
LPC Warehouse Management System For Clients In The Business SectorLPC Warehouse Management System For Clients In The Business Sector
LPC Warehouse Management System For Clients In The Business Sector
 
Pooja Mehta 9167673311, Trusted Call Girls In NAVI MUMBAI Cash On Payment , V...
Pooja Mehta 9167673311, Trusted Call Girls In NAVI MUMBAI Cash On Payment , V...Pooja Mehta 9167673311, Trusted Call Girls In NAVI MUMBAI Cash On Payment , V...
Pooja Mehta 9167673311, Trusted Call Girls In NAVI MUMBAI Cash On Payment , V...
 
Fifteenth Finance Commission Presentation
Fifteenth Finance Commission PresentationFifteenth Finance Commission Presentation
Fifteenth Finance Commission Presentation
 
Reflecting, turning experience into insight
Reflecting, turning experience into insightReflecting, turning experience into insight
Reflecting, turning experience into insight
 
VIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With Room
VIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With RoomVIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With Room
VIP Kolkata Call Girl Rajarhat 👉 8250192130 Available With Room
 
Introduction to LPC - Facility Design And Re-Engineering
Introduction to LPC - Facility Design And Re-EngineeringIntroduction to LPC - Facility Design And Re-Engineering
Introduction to LPC - Facility Design And Re-Engineering
 

M&A security - E-crime Congress 2017

  • 1. INFORMATION SECURITY DURING MERGERS & ACQUISITIONS Issues, Safety Measures and Need-to- Know Solutions Marco Ermini, 2017
  • 2. WHY? ➤ Why does it need Cyber Security support? ➤ Aren’t they just ordinary business transactions? ➤ They seem to occur nearly every day, so what is so special about them that they require special security support, or any security support at all? ➤ What value does a security professional bring to the team? 2
  • 3. THE ACADEMIC MINUTE… Black’s Law Dictionary defines mergers and acquisitions as the following: Merger: The union of two or more corporations by the transfer of property of all, to one of them, which continues in existence, the others being swallowed up or merged therein… Acquisition: The act of becoming the owner of a certain property… Divestiture: to deprive; to take away; to withdraw 3
  • 4. THE ACADEMIC MINUTE… It is all about… 1. Costs Control, 2. Market Share, 3. Regulatory Landscape, & 4. Many Others 4
  • 5. KEY BUSINESS DRIVERS ➤Confidentiality ➤Speed ➤Business as usual ➤Zero Impact ➤Informed Business Decision on Risk 5
  • 6. WHY M&A FAIL? ➤ The acquiring company does not properly assess the value of the target company ➤ Inability of the acquiring company to successfully integrate the target company that leads to a failed acquisition “It is well known in the M&A community that most acquisitions fail to create shareholder value, that is, they end up as a negative sum after paying acquisition premium and banker fees, impossible to get synergies to make up loss. The acquisitions that do create value are either a version of corporate venture capital (large company scooping tiny team), or mid-cap industrials buying a supplier. Few and far between…“ 6
  • 10. SCOPING THE THREATS ➤ Special Interest Groups – gain from the Operation ➤ Financial Criminals ➤ Competitors ➤ Acquisition / Merger Company ➤ Disgruntled Employees ➤ General Interest Groups – gain from Impact ➤ Script Kiddies / Hackers ➤ Hacktivists / Terrorists ➤ Spies 10
  • 11. SCOPING THE RISKS ➤ Publicity, raising profile — your interest gets attacker’s interest! ➤ Impact on: ➤ Resources ➤ Technologies ➤ Infrastructure ➤ Disgruntled Employees ➤ Change in threat and risk model ➤ Absorbing unknown / Confusion ➤ Creating new attack vectors and window of opportunity ➤ Business drivers can force this the Security Manager very quickly ➤ Are we all really equipped for change? 11
  • 13. THE ROLE OF A SECURITY MANAGER ➤ Protecting the effort itself ➤ Confidentiality of the total effort ➤ Confidentiality of the team’s work ➤ Evaluating the security condition of the target company ➤ Impact on the deal’s value ➤ Asking the right questions ➤ Providing subject matter expertise ➤ Identify Security Requirements for the New Company ➤ Controlling Rumors ➤ Managing Global/International Aspects ➤ “Team Consultant” ➤ Low Hanging Fruits 13
  • 14. IMPORTANCE OF CONFIDENTIALITY ➤ Premature Disclosure of Intent ➤ Loss of key employees ➤ Bidding wars ➤ SEC Liability ➤ Loss of Initiative ➤ Loss of Goodwill ➤ Target Company ➤ 3rd Parties relationships ➤ Customer relationships 14
  • 15. PROTECTING THE OPERATION ➤ Unintended Release ➤ Unauthorized Release ➤ Protection from competitive intelligence efforts ➤ Documents Control 15
  • 16. THE SECURITY MANAGER IN ACTION ➤ Preliminary background investigations ➤ Collection of Open-Source information ➤ Due diligence ➤ More in-depth look ➤ Estimation of Costs of Cyber Security ➤ Operations security ➤ Protect operational activities ➤ Develop and implement protective measures ➤ Appropriate for each phase of the acquisition 16
  • 18. HOW CAN I VERIFY AN M&A TARGET CANDIDATE? ➤You cannot explicitly test your acquisition’s candidate ➤You cannot simply ask them for their vulnerability assessments’ results ➤Not all companies have a structured and mature security program ➤You cannot silently test them either 18
  • 19. EXTERNAL SOURCES ➤Professional Associations ➤Service Providers ➤Public (Open) Sources ➤Job Applications/Job Postings 19
  • 20. HOW THAT DOES LOOK FOR REAL… 20
  • 22. “CAPTURE” OF SECURITY CONTROLS ➤ 13 Domains to verify 1. Digital Identities 2. Admin Accounts 3. Endpoints/Client Systems 4. Servers 5. Networks 6. Hosting 7. Email 8. Data Recovery 9. Boundary Defenses 10.Assets Inventory 11.Operational Security 12.Physical Security 13.Wireless Networks 22
  • 23. EXAMPLE OF POLICY REQUIREMENT Domain Verification How-to Objectives Minimum Acceptable Level Digital Identities Verify status of identities in main identity store (use of unique IDs, generic accounts, password policy, Groups’ usage, GPOs, Federations, etc.). Verify if anything is outside of the main identity store (e.g. VPN accounts, Cloud accounts, supplier accounts, etc.).  Interview with IT admins from Target.  Snapshot of information from AD/LDAP.  Interview with business units which manage other tools (Cloud etc.), to understand how this is managed  Ensure appropriate controls are in place to protect Target environment and data  Get an idea of the complexity of the DI structure of the Target.  Understand usage of Cloud applications and identities.  Understand how restriction of access to information happens in Target.  There is a Directory Service  Unique IDs are used  Permissions are assigned via Groups in the Directory Service  Service and Cloud accounts are gathered, minimized, and under control  Sensitive files are shared in a secure way Admin Accounts Verify status of admin account management in main identity store, if managed there. Verify if anything is outside of the main identity store (e.g. VPN accounts, Cloud accounts, supplier accounts, etc.)  Interview with IT admins from Target.  Snapshot of information from AD/LDAP and other tools.  Ensure admin account controls are defined, implemented and reviewed to protect systems and data  Understand how IT administrative actions are performed, what the  Admin accounts are managed under a Directory Service  Admin accounts are unique for each admin  Central ownership of who gets appropriate rights  Process for removing rights as appropriate 23
  • 24. EXAMPLE OF INTERVIEW QUESTIONS Domain Minimum Acceptable Level Key Topics for Discussion Digital Identities  Directory Services of any kind are used  Unique IDs are used  Permissions are assigned via Groups in the Directory Service  There is an adequate password policy in place  Service and Cloud accounts are gathered, minimized, and under control  Sensitive files are shared in a secure way  How many people are present in the company? Get overview of employees’ org chart/roles, and how many people are in IT and Security.  How old is the company? Get brief history, acquisitions, etc.  Which DS is used? (AD, which version?)  Get overview of Groups, GPOs, shared accounts, shared mailboxes, federated services, password policy (for AD, request screenshots).  Is every system and device connected to DS and follow password policy, or there are systems which have their own passwords (e.g. Wi-Fi, network devices, etc.)?  What is the process by which Group ownership, permissions and accesses to systems and applications are granted?  Get overview of Cloud services used and how accounts are managed, if SSO is used and how, especially concerning files and documents sharing with third parties.  Is Cloud Sharing such as Box, Dropbox etc. being used? Admin Accounts  Admin accounts are managed under a Directory Service  Admin accounts are unique for each admin  Central ownership of who gets appropriate rights  Process for removing rights as appropriate  Get overview of how administration is performed, if AD Groups and GPOs are used, if shared accounts and/or shared mailboxes are used for admin accounts  Understand how permissions are granted and removed from users as their work and function changes in the company 24
  • 25. RISK ASSESSMENT ➤ Management Summary with a clear status ➤ Clearly indicate the area that will need additional attention ➤ Especially indicate where the additional costs will incur (e.g. new wireless equipment, re-imaging of the endpoints, reimplementation of firewall, etc.) 25
  • 26. IMPACT ASSESSMENT➤ Indicate the kind of impact: ➤ Security ➤ Processes ➤ Costs ➤ Indicate expected remediation, aligned with IT ➤ If not possible to estimate costs immediately, indicate how they should be calculated (e.g. need to provision new firewall cluster) 26
  • 27. SUMMARIZE FINDINGS ALIGNED WITH IT IN ONE SLIDE 27
  • 28. COSTS ALIGNED WITH IT FOR THE INTEGRATION 28
  • 30. STARTING TO WORK IN CLEAR SIGHT ➤ The news is out ➤ Information Completeness is paramount ➤ An Integration Plan is proposed ➤ Technical Integration ➤ Networks, PCs, applications, data centers, hosting… ➤ Business Processes and Systems ➤ Timing ➤ The Integration Plan must also negotiate from an “as-is” to a “to-be” state for the Target. 30
  • 32. Target Characteristics Security Guidelines SLAs SMALL ➤ Small employee base (< 200 employees) ➤ Low complexity ➤ Private ownership ➤ Little to no geographical diversity ➤ No separate legal entities ➤ No/limited need to keep the same facilities ➤ No/limited to keep the existing technologies ➤ Purchased for limited product portfolio, technology, talent, or local presence ➤ Baseline security controls Target is fully absorbed into IT infrastructure ➤ All IT labor is absorbed into IT global business units ➤ Security controls established or confirmed in less than 100 days MEDIUM ➤ Similar to previous kind, but Target has certain identifiable complexities that require specific sensitivity during integration ➤ Fewer than 500 employees ➤ Needs to be stand-alone for a certain period of time ➤ During stand-alone time, Target maintains defined non- compliances ➤ Supports its own IT infrastructure during the stand-alone phase ➤ Integration of Target may be full, hybrid, or standalone ➤ All IT labor is absorbed into IT global business units ➤ Operation integration of some IT infrastructure may take +180 days ➤ Processes may take 3 to 9 months LARGE ➤ More than 500 employees ➤ Relatively large operations ➤ Significant multinational presence and subsidiaries ➤ Target contains certain identifiable complexities that require specific sensitivity during integration ➤ Integration of Target may be full, hybrid, or standalone ➤ IT labor can stay funded by Target company ➤ Operation integration of some IT infrastructure may take +180 days ➤ Customized integration plan ➤ IT Support is shared ➤ Processes take more than 12 months 32
  • 33. COMBINING THE TWO COMPANIES ➤ Resources, staffing, processes, and systems are combined ➤ Business processes are as much as possible leveled ➤ IT tools are unified ➤ Active Directory merging strategy is key! ➤ The Target company has comparable / same security ➤ Exceptions are documented and signed off by leadership (executives, CISO) ➤ Agreed-upon designs are implemented ➤ Operations — including InfoSec – are turned to standard support ➤ Weekly or recurring meetings can be setup to assess progresses 33
  • 34. PLANNING THE ACTIVE DIRECTORY INTEGRATION ➤ Training for the technicians performing the migration ➤ Scheduled outages ➤ Companies’ cultural differences such as who's allowed access to AD and Exchange, or how file system security is set ➤ Network differences between the two sites ➤ Network, AD, or Exchange anomalies ➤ Customer and employee communication 34
  • 35. PAIN POINTS IN ACTIVE DIRECTORY INTEGRATION ➤ Deciding the strategy ➤ Integrate the Target into the Acquiring ➤ Build a new, combined AD ➤ Migrate legacy objects into a new AD ➤ One Company, One Email! ➤ Free/Busy Information ➤ Exchange/Lync/Office/AD versions ➤ Office 365? ➤ External Federations/Partners/ADFS? ➤ DNS configuration/forwarding ➤ SID history/filtering ➤ Evaluate purchase of a dedicated AD migration/upgrade tool 35
  • 37. MERGING POLICIES • Safeguards against disgruntled employees • New employee contracts • Are existing Policies still relevant? • Are we “dumbing down” their security? • Existing employee contracts • Do they protect you? • Do they meet new relationship? • Identify key policies — yours vs theirs • Work with Legal Departments 37
  • 39. THE NEW SECURITY DEPARTMENT ➤ Cost/Budgeting ➤ Pre-merger: OpEx ➤ Merger: CapEx, Processes ➤ Post-merger: Optimization ➤ Communications 39
  • 40. WHAT IF I AM ON THE WEAK SIDE? 1. Identify specific strengths that can be useful in the merging ➤ Experience from security incidents ➤ Technological implementations ➤ Local knowledge and compliance 2. Be prepared to learn ➤ What is the current Cyber Security philosophy? ➤ Who is taking security-related decisions? 3. Don’t rush your career decisions ➤ Can bring new opportunities ➤ Meet the new management 40
  • 44. MOVING TO A CLOUD-BASED ERP OR EMAIL SOLUTION 44 ➤ Traditional M&A dogma is “transition, then transform” ➤ Companies however are leveraging migration to key technologies to the Cloud during the M&A process as an enabler ➤ Can simultaneously replace aging, capital-intensive technology with a subscription-based operating model ➤ Ideal also for divestitures ➤ Boarding is considerably faster and cheaper than traditional on-premise solutions (Accenture estimate: 30% for both) ➤ Ultimate flexibility during a post-deal transition
  • 46. OPEN SOURCE INTELLIGENCE ➤ Collection of free tools and source of information ➤ They divide into ➤ Tools which can run locally ➤ Search Engine “dorking” (e.g. Google hacking) ➤ Semi-closed sources ➤ Exploitation of sites which have originally other purposes (e.g. social networks, dating sites…) 46
  • 57. OLD (AND NEW) FASHION SCANNING 57
  • 65. CENSYS.IO (SEMI-FREE) ➤ Parsing and collection of various publically-available information ➤ Example: certificates ➤ SSLVPN in France and Munich ➤ Date Center presence in Munich, San Diego, Sydney ➤ Demo-site of Hybrid (e- commerce technology) ➤ Using Akamai services in Sydney 65