New guidance tackles cyber threat for UK firms doing deals

LONDON Thu Jan 16, 2014 12:38pm EST

Related Topics

LONDON Jan 16 (Reuters) - British companies engaging in mergers and acquisitions, buyouts, capital raisings and stock market listings are prime targets for cyber attacks and need to make cyber security a top priority, according to new, government-backed guidance.

The volume and sensitive nature of information generated and shared widely during the course of a deal makes the corporate finance community particularly vulnerable to cyber crime, according to the Institute of Chartered Accountants in England and Wales' (ICAEW) Cyber-Security in Corporate Finance report.

The report, published on Thursday, cites several examples to highlight the risks related to deals, including the case of one midcap UK company which saw data related to a new technology stolen after its computer network was infiltrated.

Overall, cyber crime is estimated to cost UK businesses several billion pounds per year, the ICAEW said.

The report contains tips to help guard against threats from organised crime networks, nation states, so-called "hacktivists" and employees looking to profit from advance notice of a deal, to sell on information or data, or to sabotage deals entirely.

Devised by its "Taskforce" of 12 major professional organisations, including the Cabinet Office and the London Stock Exchange, and backed by the government's 860 million pound ($1.4 billion) National Cyber Security Programme, the guidance spans all phases of a deal from initial information gathering to completion.

Among its recommendations, the Taskforce suggests limiting the number of people "brought inside" early deal talks, appointing an IT team to monitor activity around shared information, carrying out due diligence on the cyber security systems of all parties involved in a transaction and creating incident response plans.

"It's very important to guard against over-confidence within circles of trust and to question whether all information should be shared with all parties during a corporate finance transaction," said ICAEW Chief Executive Michael Izza.

"A weak link in the security of any of the parties can easily be exploited," he added.

The ICAEW said the Taskforce would keep the guidance under review and may update it in the future in recognition of the constant development of new threats and new ways of managing these threats.

FILED UNDER:
Comments (0)
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.