Rarely a week goes by without some company merging with or buying another firm. Security managers play a complicated triple role in the process, providing security services to the acquisition team, helping to evaluate the effectiveness of the target company's security program and integrating the two security organizations.
In Mergers and Acquisitions Security: Corporate Restructuring and Security Management, Edward Halibozek and Gerald Kovacich bring these roles to light, if in a roundabout way, and show how security managers are integral parts of the merger and acquisition (M&A) process.
This is not a book about computer security-- the intended audience is the security executive who oversees physical and IT security. But there is good information for those security pros who lack experience with this type of expansion. Charts, bullet points, case studies and discussions of the business drivers behind M&As clear up the finer points. As topics progress through the various phases of the M&A process, the authors include several sample security documents and checklists that put their ideas into context.
The value of Mergers and Acquisitions Security comes in its section on the uses and challenges of personnel protection (your M&A team members may experience personal risk, and dealing with this risk effectively is necessary if they are to do their work). The authors do a good job of identifying and explaining what you can expect from the protector and the protected.
Sadly, most of the good information is buried under bad writing. Organizationally, the book is a mess. Topics are repeated, and the order of the chapters within each section is a bit off. For example, "Why Premerger and Acquisition Security Support?" is the second chapter in the premerger section, and follows a chapter on how to perform a competitive analysis; a more logical organization would have started with the "why" material. The authors also take a long time to get to the point, so much so that it's possible to glaze over entire paragraphs without missing anything. Fortunately, the most important items are listed in bullet points or callouts; skimming helps you to get the critical information.
If you're in business, the chances are good that your organization will one day buy, or be bought by, another company. Mergers and Acquisitions Security is a good, if long-winded, guide to your future role as a participant in the complex world of mergers and acquisitions.
--DAVID BIANCO
Top Shelf
Visit SearchSecurity.com's Information Security Bookshelf for chapter downloads from these books and more.
Data Protection and Information Lifecycle Management
By Tom Petrocelli
Prentice Hall PTR
Sarbanes-Oxley: IT Compliance Using COBIT and Open Source Tools
By Christian Lahti, Roderick Peterson and Steve Lanza
Syngress
Security and Usability
Edited by Lorrie Faith Cranor and Simson Garfinkel
O'Reilly
Cryptography in the Database: The Last Line of Defense
By Kevin Kenan
Addison-Wesley Professional
InfoSec Career Hacking: Sell Your Skillz, Not Your Soul
By Aaron W. Bayles, Ed Brindley, James C. Foster, Chris Hurley and Johnny Long
Syngress
Outsourcing Information Security
By C. Warren Axelrod
Artech House Publishers
Web Feedback
Tell us what you think of our book reviews or the titles on our online bookshelf. Send your comments to
feedback@infosecuritymag.com
or enter your thoughts on SearchSecurity.com's Sound Off.
As IT people, we focus on the technology, but people are our biggest security risk. The Art of Deception: Controlling the Human Element of Security focused on security as people."
--Roberta Wallis, Managing Director of IT, US Fund for UNICEF
For a sample chapter of this and other information security titles, visit www.infosecuritymag.com/bookshelf.
