Cybersecurity due diligence has become a bedrock component of mergers and acquisitions. Recent surveys have revealed that as many as 73% of buyers conducting due diligence have uncovered evidence of undisclosed data breaches. Buyers—and sellers—have ample reasons to be concerned about cybersecurity risks given recent disastrous examples. For instance, Verizon’s acquisition of Yahoo! was significantly disrupted when Yahoo! belatedly disclosed a major data breach that had been ongoing for more than two years. Yahoo! was forced to reduce its sales price by a whopping $350 million, and the Securities and Exchange Commission slapped the internet giant with a $35 million fine for failing to properly disclose the breach.

While not every deal is a multibillion acquisition, supporting the deployment of a cybersecurity due diligence team, there are five tools in the cybersecurity playbook that every buyer-side lawyer can use.