Categorized | Phones Review

Tags :

Top 5 Key Learning’s for M&A Information Security

Posted on 27 July 2008

I was recently asked to pull together a quick list of key information security learning’s for Mergers & Acquisitions (M&A). This year I assumed responsibility for information security of Intel’s M&A programs. M&A work is typically frantic, unpredictable, and ambiguous, involving the brightest engineering and integration management talent. It demands great flexibility and willingness to rapidly adapt creatively to emerging problems. This work is basically a recipe dreaded by us entrenched security types, who like the controllability of consistent, predicable, and structured activities. It can press the boundaries of good security practices and test the mettle of the strongest security organizations.

Top 5 Key Learning’s for M&A Information Security

    1. Security does not happen by default. As the complexities of divestitures emerge, smart people aggressively move to solve problems and security is likely not a consideration. Information Security must be involved both at the early planning stages and stay engaged until the last tactical maneuver is completed
    2. Profiling the data is key. Knowing what data is involved, it’s sensitivity, who has logical/physical access, and where it is physically located is necessary. It will be needed to insure regulatory, legal, and IP confidentiality protection
    3. Technical and Behavioral considerations must be incorporated to prevail. Neither must be ignored, and in most cases the combination must be applied to every issue where information security is at risk. A security savvy M&A team is the first step to highly effective results
    4. Logical and physical security aspects cannot be separated. Information security professionals can easily overlook the physical security factors which can jeopardize the confidentiality, integrity, and availability of the business just as logical based threats
    5. Great attention must be paid to data retention, transfer, and destruction. ‘Deal data’ can be a vague and changingconcept which may be interpreted differently over time, especially in larger deals. Understanding the scope, expectations, and commitments is a necessity

After reviewing the list, I had an interesting observation. It occurred to me there was a glaring omission. The unwavering support of information security by management is absolutely crucial. To be honest, I left it out as I am spoiled. The Intel culture and chain of management is very supportive of information security. So for those of you less fortunate, add it to the list.

. via



This post was written by:

admin - who has written 8603 posts on A Mobile News.


Contact the author

Leave a Reply

You must be logged in to post a comment.

Partner

Partner

Menu

Click here to visit The Pak Ranks

 IndiBlogger - Where Indian Blogs Meet hitstatus Add to Google
Entertainment Blogs Entertainment Entertainment blogs My Zimbio
My Blog Directory Mobile Phone Blogs - BlogCatalog Blog Directory Visit blogadda.com to discover Indian blogs TopOfBlogs BRDTracker RankingBlogs.com :: Defining Your Blogs Worth: TopSites:
Entertainment Blogs Blog Directory blogarama.com blog search directory hitstatus hitstatushitstatus