Strategies to Mitigate Risk During Mergers and AcquisitionsBen Murphy of Truist on How to Limit Unnecessary Cybersecurity Exposure
In 2021, U.S. mergers and acquisitions shot up 55%. In 2022, that percentage is set to climb even higher. The wave of post-COVID M&A demands that cybersecurity leaders improve their efficacy. Ben Murphy of Truist shares insight on where, when and how cybersecurity needs to influence the M&A agenda.
"We need to secure the process of acquiring a company," Murphy says. "We try to look holistically at a lot of those things - our endpoint and mobile device protection as well as: 'Where is that other end of that data? Is it in the cloud? Is it in a data center? Are they traditional network? Are they zero trust?' All of those drive a path for us of how we're going to secure this organization."
In this video interview with Information Security Media Group, Murphy discusses:
- Cyber risks to consider from subsidiaries in the M&A process;
- Tips for conducting essential due diligence;
- Tools and strategies to aid cyber risk assessment.
Murphy leads Truist's corporate cybersecurity cyber operations and engineering. His organization incudes nine teams that focus on infrastructure protection and security threat monitoring and response. It is responsible for the operations of two cyber fusion centers, or security operation centers, located in Atlanta and Zebulon, North Carolina, that operate24x7x365 to investigate cybersecurity event alerts and coordinate needed response and documentation. Other teams within cyber operations include threat intelligence, development and innovation, and cyber payment security.