Cybersecurity and M&A: What can we learn from Yahoo?
Yahoo announced yesterday that CEO Marissa Mayer would forfeit a $12 million equity bonus due to the security breach incurred during her tenure. The general counsel Ron Bell was forced to resign. The breach cost Yahoo $350 million from its top value in the sale to Verizon and the company now faces at least 43 class action suits.
http://money.cnn.com/2017/03/01/technology/yahoo-marissa-mayer-security-breach/index.html
These events should serve as a warning to anyone in the M&A business. A compromise assessment should be a part of any due diligence package done by investors. You will want to know BEFORE term sheets are in process whether or not the company in question has had a breach.
Executives should also take note. Boards will hold them accountable.
President Reagan had a famous saying, “Trust, but verify.” Executives should ask for 3rd party verification of their company’s security. Most CISOs would actually agree. Their teams are usually doing a great job, but are understaffed and often underfunded. Another set of eyes on a potential problem can make a big difference. To quote Secretary Rumsfeld,
“Reports that say that something hasn’t happened are always interesting to me, because as we know, there are known knowns; there are things we know we know. We also know there are known unknowns; that is to say we know there are some things we do not know. But there are also unknown unknowns – the ones we don’t know we don’t know.”
Don’t wait to find out the ‘unknown unknowns’ the hard way…
BACK TO BLOGS