C-Suite On Deck
Keep me plugged in with the best
Join thousands of your peers and receive our weekly newsletter with the latest news, industry events, customer insights, and market intelligence.
I agree to the
terms of service
PLEASE CORRECT THE FOLLOWING:
Please Enter Some Keywords
The Acquired Breach: How to Spot Cyber Risk in Your Acquisition
Your company just acquired another business and things are great. Your market cap is growing, shareholders are happy, and teams are working hard. Then, you get a call that makes your stomach turn. Your team has uncovered an ongoing breach in the company you just acquired. Your world changes immediately. Think the acquired breach can’t happen? Marriott’s executive team experienced just this in September 2018 when their teams uncovered an ongoing breach in a Starwood guest database . Marriott uncovered the breach after 4 years when an alarm was triggered as the attackers tried to exfiltrate data. The roots of the breach may date back to an incident in 2014 where a restaurant Point-of-Sale system was infected, spreading through the company network. Understandably, there is limited evidence after 4 years to trace the source of the attack, however, the current breach was ongoing before Marriott acquired Starwood in 2016. Often in acquisition diligent companies have said “we had a breach, but we fixed it”. We used to take that statement at face value and move on because the cost of breach was low relative to the cost of prevention. In this case, two years later in a world with heightened sensitivity to cybersecurity, that decision came back to bite Marriott
I'm for real
Enter your email once to access all our information and resources.
(Your email address is required so we know you're a real person)
By downloading this content, you give permission for your contact information to be shared with the content provider who may contact you in regards to the content.