Private Equity Investor Services
KEEP YOUR STELLAR REPUTATION BY KEEPING YOUR AND YOUR CLIENT’S INFORMATION SAFE
“Has you or your portfolio company ever been the target of a cyber-attack, and what was done about it?”
“What customer data are you and your portfolio companies storing, and how is it protected?”
“If an incident does occur, how will you and your portfolio companies respond?”
“Are any of your portfolio companies subject to any data compliance/regulations?”
“Who is responsible for security at your portfolio companies?”
BENEFITS WHEN YOUR PRIVATE EQUITY FIRM IS PROTECTED:
MAINTAIN YOUR FIRM’S REPUTATION
PROTECT ASSET VALUE
KEEP SENSITIVE INFORMATION SAFE
AVOID FINES AND LITIGATION
ADDRESS INVESTOR REQUIREMENTS
REDUCE CYBER INSURANCE PREMIUM COSTS
BENEFITS OF YOUR PORTFOLIO COMPANIES BEING PROTECTED:
HELP STEER BUSINESS THROUGH RAPID PERFORMANCE IMPROVEMENT
IMPROVE CORPORATE GOVERNANCE CONCERNING CYBER RISK
PROTECT ASSET VALUE AND ENSURE CONTINUED GROWTH
MAINTAIN HIGH COMPANY PERFORMANCE LEVELS
INCREASED OWNERSHIP FLEXIBILITY WITH REDUCED CYBER RISK
Ransomware can lead to work stoppages: Nearly 3 out of 4 companies infected with ransomware suffer two days or more without access to their files. A notorious example of a ransomware attack that hit companies worldwide was the spring of 2017 WannaCry outbreak, which afflicted over 200,000 computers in over 150 countries. Its global costs have been estimated to total a whopping $8B.
In the summer of 2017, the NotPetya ransomware variant ensnared thousands of businesses and public institutions in a global net. Despite letting victims pay a ransom, it wreaked essentially unrecoverable damage. Cybersecurity is a corporate risk: Many directors acknowledge that because the cyber threat is new and rapidly evolving, their board oversight processes are immature. Even boards skilled at overseeing complex financial risks, such as major banks, are still learning how best to manage cybersecurity in their firms, given customers’ and managers’ unending demand for technology and connectivity. Because cyber risks are so novel and evolve so rapidly, boards have developed many different structures for overseeing them. They often struggle with defining roles and responsibilities between the board and company management, as there is no industry standard.
A data breach will slow growth: A 2017 report by Comparitech showed that right after a breach, a company’s stock price would drop 0.43% on average, but that is par for the course in daily volatility. The bigger problem comes in the years that follow. After a breach, a company’s stock price will continue to rise but at a much slower pace than before. “In the long term, however, the average share price stagnated and struggled to surpass 10 percent growth until after about two years, when it starts to pick back up again.” Before a breach, the stock price of the companies studied increased by 45.6% over three years, on average. After a breach, those stock prices only grew 14.8% in the same period.
Cybersecurity lapses can increase M&A costs: In 2016, Marriott acquired Starwood Hotels, unaware that Starwood’s network had already been breached in 2014. As the two networks were merged, Marriott discovered 500M encrypted guest records on Starwood’s system in 2016. In 2018, Marriott was fined $25.4M by the Information Commission’s Office, reporting that their IT systems were beefed up far too late. “The larger hotel didn’t check what it was buying,” was an observation by an industry expert.
Hackers could steal your data and your client’s data, and you might not even know it. Private equity firms stand a lot to lose when they publicize a cyber breach. Limited Partners entrust some of their most sensitive financial data to private equity firms. They expect the data to remain confidential, as it is one of their most significant assets. News of a security breach can severely damage a firm’s reputation. Bawn is here to help prevent this from happening to you.
All our services are available to your firm and your portfolio companies.
OUR SERVICES INCLUDE:
- Cyber Assessments: We examine all aspects of your and your portfolio organization’s information system, accounting for people, processes, and technology. We let you know the risk profile, help leadership develop a risk appetite strategy and develop a roadmap to move the companies to a better security posture.
- Cyber Planning and Implementation:Whether your private equity firm or your portfolio companies need cyber planning and implementation, our team of technology and security experts will develop a comprehensive strategy to reduce information security risk. Working with the IT department and existing infrastructure, our solutions are a thoughtful balance between security and operations, using a framework of personnel, processes, and technology.
- Cybersecurity Training Programs: When we help companies with cybersecurity, we always focus on security awareness for firm employees as well as portfolio companies. Cybersecurity for private equity firms must require good cyber awareness sessions to be effective.
- Incident response: Responding to a significant breach is a precarious moment for a private equity firm and its portfolio companies. Portfolio performance, money, data, and reputations are at stake. Our team works hand in hand with legal counsel, management, and the IT department to quickly isolate the problem, remediate affected systems, and restore operations while maintaining confidentiality.
- Insider Threat Programs and Investigations: Not all cyber threats originate from outside an organization. Our team includes some of the top insider threat experts in the country. We can help your and your portfolio organization identify and address an existing internal threat or design a program to reduce the internal threat before it occurs.
- Business Continuity: Our digital forensics team can back up data of the largest networks, ensuring quick restoration of operations in the event of cyber-attack or other disasters that affect your firm or your portfolio companies.
- Cyber Liability Insurance: Using our framework-based risk assessment, we work with insurance companies to find the cyber liability coverage that is most appropriate for your firm and your portfolio companies.