Cyber Due Diligence

Cyber security is a board-level item and an important part of investment decisions. Through our engagement we’ll answer your questions on cyber capability and effectiveness of cyber governance and risk management. This is beneficial as part of a regular ‘health check’ for organisations, or as cyber due-diligence to inform strategies at important economic transactions like acquisition, investment or sale.

"I need to quickly understand what security capability my organisation has now, so that I can judge if, or how much, to invest."

Make an informed, costed decision

Cydea’s cyber security due diligence communicates our findings in clear, concise language with costed improvements to improve your decision-making process and help investment committee presentations. Our standard DD engagement consists of:

  • A Cyber Scorecard to give you a single-page, executive assessment of the target’s security posture and any ‘red flags’
  • A Risk Profile setting out the sources and consequences of risk to the target’s sector and market and quantification of potential risk events
  • An Incident Review of recent security events and near-misses, their root causes and lessons learned
  • An Improvement Plan with ROM costing for priority, 100 day actions as well as longer-term improvements

This allows you to make an informed investment decision based not only on the posture of the target, but also with an understanding of the risk environment and price in the financial impact of remedial security improvements.

Our approach is structured around a consistent, simple set of documentation requests and management questionnaire. We are able to execute engagements promptly and often at short notice as demanded by investment timelines.

Cydea are professional service members of the British Private Equity & Venture Capital Association.

Through-life services

Post-acquisition we can assist in the management of security improvement and security operations improvement programmes, if required.

If you have a portfolio of investments you may also be interested in our portfolio cyber services to provide assurance and executive coaching of your portfolio companies to protect your investment and enhance long-term capability and value.