You may want to review our Corporate Mergers and Acquisitions Security Learning Guide or other tips on information...
security merger management.
Depending on the level of publicity around the merger, external threats of attack may increase. Criminals could assume -- perhaps rightly -- that you are distracted by the merger or too busy investigating the other company to monitor your systems for attacks. To mitigate merger threats, monitor for unexpected connections from the other company, and pay close attention to your systems and logs throughout the M&A process. When analyzing the logs, one possible indicator of malicious activity could be logins by accounts with high levels of access from more than one location in a short period of time.
Internal threats could arise from the other organization connecting to your internal network. Such connections might connect on the inside of your firewall and bypass all of the network protections you have in place. During a merger, the internal threat could come from users who are transferring roles or gaining additional access to systems, users who might then be able to manipulate their roles for malicious purposes. To prevent this, enable additional logging and analysis during this time to identify potential issues, and make sure the integration and provisioning of user roles are carefully monitored.
Dig Deeper on Security vendor mergers and acquisitions
Related Q&A from Nick Lewis
Port scans provide data on how networks operate. In the wrong hands, this info could be part of a larger malicious scheme. Learn how to detect and ... Continue Reading
Cloud penetration testing presents new challenges for information security teams. Here's how a playbook from the Cloud Security Alliance can help ... Continue Reading
Many cloud providers are tight-lipped about internal security control details. Learn how to evaluate cloud security providers with certifications and... Continue Reading