A Troubling (and Costly) Trend for Private Equity

At a recent financial services conference, I heard a cautionary tale that bears repeating. It involves ransomware, private equity (PE), and an overall rising cybersecurity threat landscape for an entire industry.

As brief background, PE companies are in the business of buying, improving and selling companies, and are largely comprised of attorneys and accountants. Their in-house expertise lies in analyzing financials, identifying undervalued companies and structuring legal arrangements to purchase, improve and sell companies; cybersecurity is not among your average PE company’s core competencies.

From Press Release to Ransom

Typically, a PE firm will issue a press release upon acquisition of a new portfolio company, and another once they sell it at a profit (usually a five- to seven-year process). Seems straightforward, right?

Well, not quite. According to the individual at this conference, a troubling trend is emerging: Shortly after issuing a press release, the source’s new portfolio company is hit with a ransomware attack. In order to unlock their PCs and databases, PE companies will pay the ransom and work with the ransomers to restore the affected data. 

It appears that ransomware hackers have identified newly bought portfolio companies as easy targets. And they’re not wrong; PE companies typically inject a large amount of cash in their acquired businesses to improve operations and maximize the value of the corporation. In other words, they have the funds to pay ransom.

[You may also like: Ransomware: To Pay or Not To Pay?]

Additionally, since PE is made up of lawyers and accountants, cybersecurity is not necessarily top of mind. As such, cybersecurity due diligence on target companies is often insufficient, and even sometimes an afterthought, leaving them vulnerable to attacks, the results of which can be devastating (just ask Marriott).

Caught Between a Rock and a Hard Place

Private equity firms need to issue press releases on their portfolio companies; it’s how they raise awareness in order to increase the number of interested buyers in their Equity Funds. However, these press releases are leaving a trail of breadcrumbs for hungry hackers to follow to find cash rich companies.

PE companies need to address two critical issues to fix this conundrum.

First, they need to conduct real, comprehensive cybersecurity due diligence…before they complete a purchase. The current standard of practice often involves sending a network IT employee or IT consultant to check a target company’s network connectivity and minimal security, like confirming they have a Firewall and change login/password credentials often enough. That’s about it. A comprehensive set of security checks needs to be created and conducted.

Next, after purchasing a company, PE firms need a set of standards across the portfolio to protect the value of the fund. Consider KKR, one of the biggest PEs in the world, which has a $20B USD fund for buying U.S.-based companies. A widespread hack across multiple companies in the KKR fund would cripple the fund’s value to investors.

Bring in the Experts

This story is but one example of an industry where cybersecurity is a rising threat and is not being met with adequate expertise, the long-term consequences of which can be detrimental.

[You may also like: The Origin of Ransomware and Its Impact on Businesses]

I’ve said it before, and I’ll say it again: Securing digital assets can no longer by delegated solely to the IT department; it must be infused into product and service offerings, security, and perhaps most importantly, development plans and business initiatives. This holds especially true for industries – like private equity/financial services—that are steeped in acquisitions. To further quote myself, “When one company acquires another, it doesn’t just acquire assets. It also assumes the target company’s risks. Put simply, their gaps become your gaps.”

PE companies need expertise and a clear set of cybersecurity best practices. They need managed security services to help them. And they desperately need a deeper awareness and knowledge of today’s constantly evolving threat landscape.

Download Radware’s “Hackers Almanac” to learn more.

Download Now

Mike O'Malley

Mike O’Malley brings 20 years of experience in strategy, product and business development, marketing, M&A and executive management to Radware. Currently, Mr. O’Malley is the Vice President of Carrier Strategy and Business Development for Radware. In this role, he is responsible for leading strategic initiatives for wireless, wireline and cloud service providers. Mr. O’Malley has extensive experience developing innovative products and strategies in technology businesses including security, cloud and wireless. Prior to Radware, Mr. O’Malley held various executive management positions leading growing business units at Tellabs, VASCO and Ericsson. Mr. O’Malley holds a Master of Business Administration degree, a Master of Science in electrical engineering, and a Bachelor of Science in electrical engineering from the University of Illinois. He also is a graduate of the Executive Strategy Programs at the University of Chicago.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program


An Online Encyclopedia Of Cyberattack and Cybersecurity Terms

What is WAF?
What is DDoS?
Bot Detection
ARP Spoofing

Get Social

Connect with experts and join the conversation about Radware technologies.

Security Research Center