It’s official: your company is going through a merger or acquisition. As a security professional, that scares you, and understandably so. Few events in a company’s lifespan match the rate of change of even the most well-planned M&A. It can reshape an institution’s identity from its core and leave every employee, from junior analysts to the CEO, feeling the effects. In the midst of all this change, it’s even more difficult to understand your company’s security risks, just when it’s more important than ever to have that visibility. Often, security professionals are unable to prepare for the dangers that a merger can pose to your security and your intellectual property. The combination of uneasy employees, new hires, and rapid growth makes for a perfect storm of security threats.
Threat #1: Disgruntled Employees Fearing for Their Jobs
Historically, M&As make employees uneasy. From the moment of announcement, many will immediately begin fearing for their jobs and start taking steps to safeguard their careers. This could mean that they start searching for a job, or, even worse, start aggregating company data to take to a new employer. Few things are more dangerous to IP than a group of employees who are afraid for their futures. In the midst of a merger’s uncertainty, they could be driven to extreme measures to protect themselves.
The key to defending yourself here is visibility. If you automatically start treating every employee like they’re guilty, you’ll only be aggravating the atmosphere of fear and distrust. Instead, monitor employee behavior and take preventative measures only when necessary. Keeping an eye on employees spending an usual amount of time on job hunting sites like LinkedIn will tell you who’s planning on leaving, and will allow you to take steps to re-engage them and to protect your IP. Plus, monitoring employee behavior and watching which sensitive files are being accessed and downloaded means that you’ll know when someone is hoarding crucial data like designs, customer records, and details about confidential projects.
Threat #2: Cybercriminals Taking Advantage of Security Weakness
Face it: it’s nearly impossible to keep up perfect standards of network security during a time of such rapid change. Hackers know this, and they keep track of mergers and acquisitions news for that very reason. While your defenses are down and you’re distracted by a whole new influx of employees, endpoints, and standards, cybercriminals are honing in on your weak spots. The worst part is, in the midst of all the chaos, you may not even realize you’ve been hit until you settle back down into a new normal a process that could take months, or even years.
In the chaos of a merger, you might not realistically be able to keep your network security completely ironclad especially considering that cybercriminals are giving you extra TLC thanks to your merger status. What you can do, however, is make sure you keep your eyes peeled for suspicious activity within your network. Monitor your endpoints so that you know if there’s an unwanted presence within your system, or if a hijacked endpoint is trying to aggregate and steal data.
Threat #3: Outside Agents Attempting Infiltration
If an external party wanted to gain access to your company, a merger or acquisition would be the perfect time to do it. With hires and fires happening left and right, plus a general feeling of unfamiliarity among employees and management, mergers create an ideal environment for infiltration. Common methods include getting someone hired into the company, compromising login information, or using remote access malware.
This is another one where user monitoring is critical. A skilled criminal that’s infiltrated your company may be able to trick you easily face-to-face, but their actions will inevitably give themselves away. Monitoring is the best way to catch them at their game, hopefully before they’re able to do too much damage. Plus, there’s a bonus: if you’re monitoring and logging, you’ll have excellent evidence when it comes to investigation and prosecution.
True M&A Security: Does It Exist?
It’s not all doom and gloom. Just remember that the most important part of keeping yourself secure during any major change not just mergers, specifically is to keep your eyes open to everything that’s happening within your company. Endpoint visibility is a key ingredient in being able to profile user behavior and catch anomalies before they become security incidents. By applying advanced analytics to endpoint user activity, your team will be alerted to unusual changes and known bad behavior in your environment that signal when an employee is getting ready to leave or flag that a machine has been compromised. With this heightened level of visibility and awareness, you’ll be much better prepared to get through a M&A safely.
Getting ready to go through a merger or acquisition? Dtex can help you prepare.