Every year, tens of thousands of mergers and acquisitions (M&A) take place across every industry and vertical. In fact, "In 2017, companies announced over 50,600 transactions with a total value of more than 3.5 trillion USD." Not only is M&A complex from a business sense, it also brings the challenge of merging complex IT infrastructures and applications (which are only getting more complex) as businesses move away from a perimeter defined network to cloud networking.
Think about your strategy for enabling the business and protecting the company from security risks. You take time to assess your network, infrastructure and applications by using risk assessments, vulnerability assessments, code analysis and more to understand your attack surface and threats to the business. Perhaps you are grading your business on a cyber security maturity model and working on implementing programs to move you from a 2.1 to a 3.5.
Then you get the call, there is an acquisition happening and you have to on-board the company into your network and you are to be involved in the due diligence on the company. Do you trust the company's network to be attached to yours? What is their cybersecurity program like? How do you validate what they are saying, and what if they have malware running on their network they are not aware of?
Time is normally of the essence, and in an ideal world, we would love to be able to go in and do full assessments. However, most of the time this is not possible, especially if it is at the due diligence phase. It is important to review their cyber security program. Ask: Are they taking the necessary steps to Assess, Monitor and Protect? Are they doing the basics (password/patch management) and not just deploying advance malware protection? How do you validate what they are saying and ensure there isn't going to be a surprise after the acquisition completes or when you connect the network?
This is where cloud-based, quick and easy to configure, agentless security can give you a quick assessment to see if there is any malware activity. DNS threat protection has become more popular due to its low touch to the network and wide range of devices that it can cover. Think everything from laptops and mobiles devices to printers, IOT and more. Anything that uses DNS can be assessed and protected. All it takes is a switch of DNS forwarding to something like Akamai's Enterprise Threat Protector.
This service routes all DNS requests through the cloud service which allows for detection of machines that request malicious domains, or if machines are infected and calling out to command and control servers, and a deeper analysis on DNS exfiltration and tunneling.
Immediately, you will be able to see if there is malware activity on the network, providing the chance to raise an investigation about the extent of the malware. This can lead to further conversations during the due diligence phase, or even save your company from malware coming down the VPN you are just about to connect between the companies.
If you are interested in seeing what DNS threat protection can see in your network - you can run a free trial here.