The company looks great on paper: it has an innovative product, a great sales team and a lean approach to expenses. Whether the business model is centered around customer data, intellectual property or proprietary information, a key question often overlooked by investors is: “Has management really recognized the issues and risks posed by insecure data protection?”
Even good companies can be unprepared
How can you ensure that an investment target isn’t one keystroke away from a major cyber incident or data breach? How can you be sure that an attacker isn’t already lurking in their network? If a threat is identified, does the organization know how to respond to mitigate damage so brand, reputation and investment value are retained?
Cyber Due Diligence conducted prior to investment can identify actual or potential cyber security lapses and areas that may be at risk, quantify remediation costs and help restructure an investment should substandard cyber security systems, data or latent breaches be discovered. Likewise, a target can strengthen its attractiveness to investors by conducting its own cyber due diligence, enabling it to mitigate risk by identifying and minimizing any cyber weaknesses found.
Kroll’s experts know that cyber security risks are here to stay and have been helping investors identify, evaluate and quantify them. For more than 40 years, Kroll has advised private equity firms, hedge funds, investment banks and venture capital investors on reputational due diligence matters. Our cyber experts provide the same high level of care and attention in conducting your cyber due diligence, enabling us to:
- Uncover the cyber vulnerabilities you may be buying unwittingly
- Know if you are buying a company with an undisclosed data breach
- Reveal breach-breeding weaknesses in the target company’s culture
Kroll’s cyber due diligence assessment
Kroll’s Cyber Due Diligence provides clients with a level of assurance regarding the state of their enterprise systems. Using the customizable modules described below to assess a firm’s cyber strengths and weaknesses, Kroll’s thorough gap analysis provides actionable information for management to sharpen their practices and procedures.
- Endpoint threat monitoring and analysis
- Security Controls review with IT security
- Incident response table-top exercise
What we do
Module 1: Endpoint Threat Monitoring and Analysis
Kroll can quickly install a sophisticated toolset that will rapidly detect and respond to threats in the subject environment. This enables us to watch every piece of software on every machine in real time. We can help you know what is happening in the network right now. Kroll’s cyber security experts will work with your team to identify appropriate steps to contain and respond to any incident we detect and to implement countermeasures that help thwart future attacks.
Module 2: Security Controls Risk Assessment
Kroll’s Security Controls Review evaluates existing policies and procedures to determine if the right standards and framework are in place to respond to a Cyber Security incident. Our comprehensive assessment can determine if the right controls are in place to protect your confidential assets, and how well you can detect, respond to, and mitigate threats. A review can be standards-based (ISO, NIST, PCI-DSS, HIPAA/HITECH, GLBA, etc.), or against Cyber Security Best Practices.
Module 3: Incident Response Tabletop Exercise
A tabletop exercise can help identify any gaps or deficiencies prior to experiencing an incident, and ensures that responders know what to do in the event of an incident. Incident Response planning is critical to effectively detect and manage security incidents or data breaches. An Incident Response plan is a good first step, but it is not enough. The organization needs to effectively execute that plan so that reputational issues and associated costs, including notification and legal expenses, don’t quickly spiral out of control.
What you get
Endpoint Threat Monitoring Analysis Report
- We’ll provide a report that details any suspicious activity or areas of concern, and our recommendations for remediation.
- The IT department can use this report to address vulnerabilities and improve monitoring.
- Our Endpoint Threat Monitoring tool can be left behind and training provided so that detailed monitoring can continue.
Security Controls Risk Assessment Report
- We’ll provide a report documenting the strengths and weaknesses of Cyber Security policies and procedures, and provide our expert recommendation.
- The management team can use this report to add or modify policies and procedures.
Incident Response Table-top Exercise Report
- Following the tabletop exercise, we’ll create a report identifying what was done well and what wasn’t, and provide actionable items for improvement.
- The management team can use this report to improve procedures and clarify roles and responsibilities.
With these Kroll reports in hand, management and investors can move forward with a thorough understanding of their cyber security environment.
Kroll is the leading global provider of risk solutions. For more than 40 years, Kroll has helped clients make confident risk management decisions about people, assets, operations, and security through a wide range of investigations, due diligence and compliance, cyber security, physical and operational security, and data and information management services. Headquartered in New York with more than 55 offices across 26 countries, Kroll has a multidisciplinary team of nearly 2,300 employees and serves a global clientele of law firms, financial institutions, corporations, non-profit institutions, government agencies, and individuals.