3rd Party Risk Management , Anti-Phishing, DMARC , Email Threat Protection
M&As: Why a 'Compromise Assessment' Is EssentialFireEye's Steve Ledzian on Managing Risks When Acquiring a Company
When a company plans to make an acquisition, it should conduct a "compromise assessment" to assess whether the organization being purchased has had an undiscovered breach, says Steve Ledzian, CTO for Asia Pacific at FireEye.
A compromise assessment will provide visibility into whether there is an active compromise or a compromise in the past in that organization," Ledzian says in an interview with Information Security Media Group. Such an incident could affect the value of the company, as was the case in Verizon's acquisition of Yahoo (see: SEC Fines Yahoo $35 Million Over 2014 Breach)
While penetration tests focus on finding vulnerabilities, a compromise assessment focuses on whether an organization was breached without knowing it, he explains.
In an interview with Information Security Media Group (see audio link below image), Ledzian discusses:
- Security considerations to take into account during mergers and acquisitions;
- How organizations in Asia react to breaches;
- Efficient implementation of multifactor authentication.
Ledzian is vice president & chief technology officer for Asia Pacific at FireEye. He advises governments, militaries and private sector organizations about cybersecurity strategies. Previously, he Ledzian managed the security specialist sales engineering team for Cisco Systems in Asia.