Cybersecurity’s role in M&A deals is increasingly important

21 Sep 2022

From left: Karl Curran, Orla O’Gorman and Simon Holmes. Image: Aon

Aon’s latest report highlighted that businesses are becoming more cautious about M&A deals and that due diligence in the area of cyber is vital.

Just 18pc of businesses in Ireland are considering engaging in merger and acquisition (M&A) activity in the next two years, significantly less than global counterparts.

That’s according to Aon’s recent M&A in Ireland report, which surveyed 290 businesses across the country between April and June 2022.

The report also revealed the key roles digitalisation, technology and cybersecurity play when companies are considering engaging in M&A activity.

Speaking to at the launch of the report, Aon Ireland’s head of M&A and transaction solutions, Karl Curran, said most organisations now are striving for digitalisation.

“If you think about the old reliables due diligence-wise – your financial, legal and tax – they’re now definitely being joined by things like cyber, digital technology and intellectual property,” he said.

“We’re certainly seeing a lot more organisations carry out dedicated due diligence when it comes to those cyber, intellectual property, digital risks as they seek to gain an advantage.”

‘Ignore cyber at your peril’

While 42pc of respondents said that failure to identify cybersecurity and technology risks in M&A targets could prevent a deal from taking place, only 26pc of respondents cited cybersecurity as an important focus area for due diligence.

Orla O’Gorman, a non-executive director and strategic adviser to various companies, said cyber is playing an increasingly important role in M&A activity and it’s no longer just the remit of large organisations.

“Every organisation has a cyber dimension,” she said. “It’s really important because, to an extent, that new organisation is joining yours, you’re creating more windows into your own IT security system, and it’s got to be safe.”

O’Gorman added if proper due diligence isn’t carried out and the cyber dimension isn’t safe, it can erode the entire value of the deal as well as a company’s reputation. “Ignore it at your peril.”

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Jenny Darmody is the editor of Silicon Republic