Hidden Costs of Insecure Mergers and Acquisitions (M&A)

March 7, 2023

The global Mergers and Acquisitions (M&A) landscape has been taking interesting turns since the advent of the COVID-19 pandemic in 2020. After a significant drop in the value of strategic deals in 2020, the numbers have hit an all-time high and leveled at pre-pandemic averages in the past two years, suggesting a global comeback. As dealmakers become more knowledgeable of global factors that may make or break the deal amidst economic fluctuations, it is becoming imperative to ensure the success of M&A deals.


Cybersecurity is emerging as a critical factor for dealmakers to consider while making M&A deals. A 2021 Fortune 500 CEO Survey revealed that two-thirds of CEOs felt cybersecurity risk was their highest ranking concern—greater than risks of political instability and lack of resiliency resulting from the pandemic and other threats. This is not too surprising, given that cyberattacks in 2022 have increased 38% in a single year.


In the M&A context, cybersecurity is vital in deciding the fate of the deal. It divulges multiple and simultaneous risks for an organization, not limited to loss of business-critical data, reputational damage, financial overlays and legal risks. Some of these consequences are known and anticipated, but much of the risks and costs that could surface from insecure M&A deals are not fully understood. This is because security considerations are embedded across different phases of an M&A transaction and also depend on the security posture of both participating entities. It is therefore complex for dealmakers to understand and implement deals with appropriate attention to cybersecurity.


Recognizing this challenge facing global dealmakers, including Optiv’s clientbase, we were inspired to develop our article, “Hidden Costs of Insecure Mergers and Acquisitions (M&A).” With this article, we aim to provide bite-sized insights into the various costs that organizations may incur from an insecure M&A transaction, as well as what these costs may mean for participating entities.


Guided by cross-industry collaborations on M&A engagements, Optiv has distinguished these costs into ‘Above-the-Ground’ (well-known) and ‘Below-the-Ground’ (lesser-known) categories. The graphic below highlights these costs and key aspects for dealmakers to consider when envisioning their M&A strategy:


Hidden Cost Slide.jpg

Figure 1 – Above-the-Ground and Below-the-Ground Costs


This article empowers dealmakers and security leaders engaging in M&A activity to:


  • Gain a holistic overview of the variety of costs emerging from an insecure M&A transaction
  • Understand the implications of costs for the participating entities (i.e., the acquiring and target companies)
  • Learn from real-world M&A transactions impacted by these costs
  • Leverage these insights to enhance the M&A strategy with a secure approach


We hope that this article helps you to prioritize your security goals throughout your strategic deals to conduct seamless and secure M&A transactions as you unlock your market potential.


If you are interested in further discussions on estimating M&A costs, strengthening your cybersecurity M&A program and learning how Optiv’s industry-tested specialization can help you in securing your M&A journey, please visit our website.

Pradeep Sekar
Director, Cyber Strategy & Transformation | Optiv
Pradeep is a seasoned cybersecurity leader who has worked closely with and guided Fortune 100 and Fortune 500 Chief Information Security Officers (CISOs), Chief Information Officers (CIOs) and their teams across various industries to develop and sustain secure, adaptive and robust cybersecurity programs.

Optiv Security: Secure greatness.®

Optiv is the cyber advisory and solutions leader, delivering strategic and technical expertise to nearly 6,000 companies across every major industry. We partner with organizations to advise, deploy and operate complete cybersecurity programs from strategy and managed security services to risk, integration and technology solutions. With clients at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can. At Optiv, we manage cyber risk so you can secure your full potential. For more information, visit www.optiv.com.