Best Practices for Cybersecurity and IT Due Diligence Engagements
Thursday, April 8, 2021
Should you spend your due diligence budget for your next merger or acquisition on cybersecurity professionals or accountants? While due diligence has long been within the purview of accountants and deal attorneys, the current business and IT climate demands that an organization making an acquisition perform due diligence on the security posture and compliance status of its target, regardless of the industry in which the target operates. Due diligence engagements aim to answer important questions, including:
- Has the target organization built an information security program?
- Has it conducted security testing?
- Is it following privacy regulations?
- What are its compliance and contractual requirements, and are those requirements being met?
- How does the potential acquisition affect current compliance certifications for both parties?
- How difficult is it for the target to integrate into the buyer’s existing technical platform and are transition services needed?
Join us for the next Midwest Cyber Security Alliance virtual meeting on Thursday, April 8, 2021, during which Brad Lutgen and Kevin Bong from Sikich’s cybersecurity practice, together with Jennifer Urban from Foley & Lardner, will discuss what should be covered in a cybersecurity and IT due diligence engagement. The presenters will dig into specifics on various services, talk about actual acquisitions and the fallout from poorly executed due diligence, and cover the expectations of insurance companies when they provide rep and warranty insurance coverages on a deal. You will walk away with an understanding of how information security and IT professionals from your organization should plan for its next acquisition, or how those same teams can prepare to be acquired.Perhaps the most important question of all — how do the answers to the above questions impact the deal from a risk and valuation standpoint?
To register, please click on the RSVP button below. There is no fee to attend this event, but advance registration is required.
NOTE: Upcoming MCSA meetings will be hosted virtually until it is safe to gather in person again. While we miss connecting with everyone from the scenic 40th floor of our Milwaukee office, we look forward to expanding participation to our colleagues and peers located outside of the Milwaukee–Chicago corridor!
Jennifer L. Urban, CIPP/US
Foley & Lardner LLP
Partner, IT Solutions and Cybersecurity
Director, Penetration Testing
The Midwest Cyber Security Alliance (MCSA) is a nonprofit, nonpartisan collaboration of individuals, businesses, government entities, and professional firms advocating for more effective cybersecurity solutions. MCSA’s mission is data privacy and security through education, specifically, cyber preparedness and security awareness. The organization is a meeting place for all cybersecurity stakeholders, in every industry, to collaborate on current cyber threats as well as cyber defenses and strategies.
Foley & Lardner LLP will apply for CLE credit after the program, wherever applicable. Foley & Lardner LLP certifies that this activity has been approved for California MCLE credits by the State Bar of California in the amount of 1.0 General credit. Foley & Lardner LLP is a State Bar of California MCLE approved provider. Please note that participants must be in attendance on the date of the event; credit may not be obtained by viewing and/or listening to a program recording after the event. Certificates of attendance will be distributed to eligible participants approximately eight weeks after the program via email.
Important Information for New York Attorneys: This program is appropriate for experienced attorneys only.
This program may be eligible for continuing privacy education (CPE) credit toward CISA, CISM, CGEIT, and/or CRISC certifications and maintenance. Please visit the ISACA website to review the specific CPE requirements for your certification and verify whether the topic(s) addressed in this program align with one or more of your certification’s job practice areas: CISA, CISM, CGEIT, CRISC. If determined to be eligible, you may pick up a copy of the ISACA Verification of Attendance form onsite during the program.