CyCraft Reduced Pre-Acquisition Due Diligence Digital Forensic Investigation Time by 99%
A top manufacturer was about to perform a pre-acquisition due diligence cybersecurity investigation. The client estimated the entire digital forensic investigation would take several months to complete. CyCraft did it in a few days. Not only did CyCraft reduce investigation time by over 99 percent but the cost and workforce investment were further reduced by an estimated 95 percent.
Finance, sales, and company culture have always been important factors in any merger and acquisition. However, as the shockwaves of advanced persistent threat activities and cyberattacks spread over more and more news media sites, pre-acquisition technology and cybersecurity due diligence investigations are becoming the standard operating procedure for M&As.
Marriot’s failure to perform a thorough due diligence cybersecurity investigation on its Starwood acquisition in 2016 led to the 2018 data breach that resulted in 28 million USD in expenses, the potential compromised movements of US government military and intelligence officers, the theft of credit card and passport information on over 300 million guests, multiple class-action lawsuits, and most recently a £99 million GBP fine (over 120 million USD) from the UK’s Information Commissioner’s Office (ICO) for violating British citizens’ privacy rights.
A due diligence cybersecurity investigation could have revealed the remote access trojan and MimiKatz within the compromised Starwood system and would have recommended against storing encrypted data and its keys on the same server.
Later in 2018, but across the Pacific Ocean, one of the four leading fabless semiconductor companies, with over 7.7 billion USD in annual revenue and over 25 global branches, was preparing for a strategic acquisition to expand its operations. In a wise effort to defend itself against the looming threat of business altering cyber attacks (such as Starwood’s data breach), the company began conducting a thorough and exhaustive cybersecurity due diligence investigation.
The company had inherited a large volume of legacy IT from the acquired company and had to not only diagnose the entirety of their existing IT systems to uncover all possible blind spots but also had to integrate the entire acquired infrastructure into all of their existing systems. This would have required the resources of their entire cybersecurity team as well as several months.
Our AI-driven CyCraft AIR detection and response platform (previously named CyCarrier AIR) was brought in to perform the security due diligence investigation on the acquired company. CyCraft AIR completed the entire digital forensic investigation in a few days.
Impressed with the 99 percent time reduction, the company not only continued leveraging CyCraft AIR to smoothen the integration of the acquired infrastructure into their existing systems but continues using CyCraft AIR as a key cybersecurity solution for their company to detect and manage APT-level threats to this day.
When you join CyCraft, you will be in good company. CyCraft secures government agencies, Fortune Global 500 firms, top banks and financial institutions, critical infrastructure, airlines, telecommunications, hi-tech firms, and SMEs.
We power SOCs with our proprietary and award-winning AI-driven MDR (managed detection and response), SOC (security operations center) operations software, TI (threat intelligence), Health Check, automated forensics, and IR (incident response), and Secure From Home services.
Additional Related Resources
- CyCraft CEO, Benson Wu, and CyCraft Global Project Manager, Chad Duffy, speak on the latest MITRE ATT&CK Evaluations. Read their thoughts on our results and the philosophy powering CyCraft.
- Learn how we detected and defeated a foreign APT targeting Taiwan’s high-tech ecosystem. Read our full analysis and malware reversal.
- Has your organization recently shifted to a Work From Home environment? Learn how to receive three free months of our Secure From Home service.
- Our Enterprise Health Check drops your mean dwell time down from 197 days to under 1 day without false positives or false negatives. Know with confidence if hackers have penetrated your enterprise.
- Learn why industry professionals awarded CyCraft AIR and CyberTotal the Grand Prize for Best of Show in Security Solutions at Interop Tokyo 2020, the largest ICT exhibition in Japan.