A top manufacturer was about to perform a pre-acquisition due diligence cybersecurity investigation. The client estimated the entire digital forensic investigation would take several months to complete. CyCraft did it in a few days. Not only did CyCraft reduce investigation time by over 99 percent but the cost and workforce investment were further reduced by an estimated 95 percent.
Download and read the full white paper.
Finance, sales, and company culture have always been important factors in any merger and acquisition. However, as the shockwaves of advanced persistent threat activities and cyberattacks spread over more and more news media sites, pre-acquisition technology and cybersecurity due diligence investigations are becoming the standard operating procedure for M&As.
Marriot’s failure to perform a thorough due diligence cybersecurity investigation on its Starwood acquisition in 2016 led to the 2018 data breach that resulted in 28 million USD in expenses, the potential compromised movements of US government military and intelligence officers, the theft of credit card and passport information on over 300 million guests, multiple class-action lawsuits, and most recently a £99 million GBP fine (over 120 million USD) from the UK’s Information Commissioner’s Office (ICO) for violating British citizens’ privacy rights.
A due diligence cybersecurity investigation could have revealed the remote access trojan and MimiKatz within the compromised Starwood system and would have recommended against storing encrypted data and its keys on the same server.
Later in 2018, but across the Pacific Ocean, one of the four leading fabless semiconductor companies, with over 7.7 billion USD in annual revenue and over 25 global branches, was preparing for a strategic acquisition to expand its operations. In a wise effort to defend itself against the looming threat of business altering cyber attacks (such as Starwood’s data breach), the company began conducting a thorough and exhaustive cybersecurity due diligence investigation.
The company had inherited a large volume of legacy IT from the acquired company and had to not only diagnose the entirety of their existing IT systems to uncover all possible blind spots but also had to integrate the entire acquired infrastructure into all of their existing systems. This would have required the resources of their entire cybersecurity team as well as several months.
Our AI-driven CyCraft AIR detection and response platform (previously named CyCarrier AIR) was brought in to perform the security due diligence investigation on the acquired company. CyCraft AIR completed the entire digital forensic investigation in a few days.
Impressed with the 99 percent time reduction, the company not only continued leveraging CyCraft AIR to smoothen the integration of the acquired infrastructure into their existing systems but continues using CyCraft AIR as a key cybersecurity solution for their company to detect and manage APT-level threats to this day.
Download and read the full white paper.
Blog| LinkedIn | Twitter | Facebook | CyCraft
When you join CyCraft, you will be in good company. CyCraft secures government agencies, Fortune Global 500 firms, top banks and financial institutions, critical infrastructure, airlines, telecommunications, hi-tech firms, and SMEs.
We power SOCs with our proprietary and award-winning AI-driven MDR (managed detection and response), SOC (security operations center) operations software, TI (threat intelligence), Health Check, automated forensics, and IR (incident response), and Secure From Home services.
CyCraft is a cybersecurity company founded in 2017, focusing on autonomous AI technology. Headquartered in Taiwan, it has subsidiaries in Japan and Singapore. CyCraft provides professional cybersecurity services to government agencies, police and defense forces, banks, and high-tech manufacturers throughout the Asia-Pacific region. It has received strong backing from the CID Group and Pavilion Capital, a Temasek Holdings Private Limited subsidiary.