Most enterprises are overconfident and lack the proper visibility to manage subsidiary risk, according to an Osterman Research study.
The study surveyed enterprises with more than $1 billion in annual revenue and an average of more than 19 subsidiaries.
M&A has become a standard path to rapid growth for many organizations. The global law firm White & Case reported that US M&A deal value reached a record high of US$1.27 trillion in the first half of 2021, a 324 percent increase vs. H1 2020.
“Parent companies acquiring subsidiaries through M&A activity not only onboard employees, technology and revenue, but also absorb the existing security posture of that subsidiary. This dramatically impacts the overall security of the larger organization and increases the attack surface,” said Michael Sampson, Senior Analyst at Osterman Research.
Most organizations believe they’re doing a good job managing subsidiary risk
Ironically the majority of organizations reported they perceived they were doing a good job managing subsidiary risk, yet 67 percent of respondents said their organization had experienced a cyberattack where the attack chain included a subsidiary, or that…
