Considerations for right-sizing cybersecurity for PE investment

VIDEO  | 

Authored by RSM Canada



“What are the acceptable risks that the organization is going to take? Can the organization accept the downtime scenario of one day? Of several days? Those are things that need to be considered prior to moving the cybersecurity program forward.”

—Anthony Catalano, RSM Director, National Cyber Lead for Private Equity

The first question to ask yourself is, “how much do you care?”

Many companies are facing a larger cybersecurity threat than ever before. While the risks cybercriminals pose to businesses are clear, the amount of cybersecurity private equity firms will want to protect their investments are often less obvious.

This video discusses the considerations behind several questions private equity firms and portfolio companies should ask themselves, including:

  • What are the risks we are willing to accept?
  • How much do we care about a downtime scenario?
  • Where is my next best security dollar spent?
  • How can we implement a cybersecurity program that will create value for the company?

RSM directors Oliver Snavely, Private Equity Lead for Risk Consulting, and Anthony Catalano, National Cyber Lead for Private Equity, draw from their experience working with investors and their portfolio companies to outline how much cybersecurity is “enough,” and what that looks like.

Video originally published by ACG.