Cyber risks are increasing, and as a result, due diligence inquiries and valuations are increasingly focusing on the cybersecurity and privacy risks inherent in a business’s collection, use, retention and disposal of data. Similarly, a business’s information security posture and vulnerability to cyberattacks has become a key concern in corporate due diligence. Liabilities and assets are no longer just limited to a company’s books but have more wide-reaching implications around possessing data and the ability to safeguard that data.

Why Is Cybersecurity Due Diligence Important?

Cybersecurity has become front and center for businesses and a top concern for company executives, boards of directors and investors. Ransomware attacks, loss of company data, business interruptions, data breaches, and damage to critical technical infrastructure—all consequences of a cyberattack—rank among the highest costs to businesses today.