This week, the Wall Street Journal published an important article on cybersecurity for Private Equity and Venture Capital, with a focus on cyber risks facing Portfolio Companies. The Journal presents three key takeaways:
- Midsize companies raising capital, or who have recently announced funding, are becoming increasingly attractive targets for hackers. A “perfect storm” of reasons is fueling this trend:
- There is less geopolitical risk in attacking a smaller firm than in attacking a large, multinational corporation or government entity.
- These firms have cash on-hand thanks to funding events.
- They often have less robust cybersecurity infrastructure than larger entities.
- They offer a potential path into their investors, and subsequently into other portfolio companies.
- Conduct cybersecurity “housekeeping” before deals are announced—the announcement can draw unwanted attention.
- Law firms, particularly their M&A departments, are being targeted for intelligence.
As ransomware attacks increasingly target Private Equity (PE) and Venture Capital (VC) firms and their portfolio companies (PortCos), it is critical that PEs and VCs bolster their defenses. Cyber assessments are important, but PEs and VCs must be able to view and understand their comprehensive risk in real time. Today’s volatile cyber risk landscape means point-in-time risk mitigation processes on their own are no longer adequate. Only real-time cyber risk monitoring will enable firms to protect their most sensitive data and safeguard against internal and external threats.
That means firms must have more than the traditionally adequate technical and logical controls. They need active, continuous risk mitigation solutions and reporting, and cyber programs that are tested using real world scenarios that provide a clear picture of how the business would defend against and respond to an incident.
How Drawbridge Helps
In a time of heightened geopolitical risk, the chaos of current events only adds to the need for strong cybersecurity. Drawbridge is the only solution that allows PE and VC firms to monitor the complete cyber risk profiles of their PortCos in real-time. As PortCos become ever more attractive targets, this is the only way to help PE and VC firms identify threats and minimize the possibility of cyber incidents that could inhibit the PC’s growth—and damage the PE or VC’s reputation.
Contact us to learn how we are working with our Private Equity and Venture Capital clients, and their Portfolio Companies, to ensure they have the most robust cyber resilience programs in place to protect their businesses, manage evolving cyber threats and shield their investments and investors.