There are no ISO or other standards and, few publications or dedicated books on Managing Merger & Acquisition regading Information Security.
ISACA Luxembourg Chapter will organize the next conference of 2019 dedicated to ISACA Luxembourg AGM, followed by a conference on Mergers & Acquisitions - Forgotten Son of Information Security, by Dr. Marco ERMINI. The conference will be followed by a networking cocktail.
Generally, M&A Due Diligence teams have little care for a target company’s ICT security and compliance program.
After the session, we will be able to consider:
- Define Information Security risks & threats in Mergers & Acquisition operations
- Depict a strategy for integration which helps avoiding precarious IT migrations, proliferation of unsanctioned tools, a regulatory mess and huge impact of legacy infrastructure
- Scoping the threat actors and their interests
- Identify why it is important that InfoSec be involved in the early phases of a Due Diligence process, and how it can affect the operation itself including the monetary transactions
- Recognize how Cloud affects InfoSec M&A and how it can help mitigate risks
- Use scanning and OPSEC tools without violating laws and NDAs
- Understand the role of the Security Manager in the whole process