Making cybersecurity part of your company's DNA
Considerations for right-sizing cybersecurity for PE investment
“What are the acceptable risks that the organization is going to take? Can the organization accept the downtime scenario of one day? Of several days? Those are things that need to be considered prior to moving the cybersecurity program forward.”—Anthony Catalano, RSM Director, National Cyber Lead for Private Equity
The first question to ask yourself is, “how much do you care?”
Many companies are facing a larger cybersecurity threat than ever before, according to RSM US Middle Market Business Index 2021 Cybersecurity Special Report. While the risks cybercriminals pose to businesses are clear, the amount of cybersecurity private equity firms will want to protect their investments are often less obvious.
This video discusses the considerations behind several questions private equity firms and portfolio companies should ask themselves, including:
- What are the risks we are willing to accept?
- How much do we care about a downtime scenario?
- Where is my next best security dollar spent?
- How can we implement a cybersecurity program that will create value for the company?
RSM directors Oliver Snavely, Private Equity Lead for Risk Consulting, and Anthony Catalano, National Cyber Lead for Private Equity, draw from their experience working with investors and their portfolio companies to outline how much cybersecurity is "enough," and what that looks like.
Video originally published by ACG.