Cybersecurity For M&A Deals With RMF Attorney Steven Kuperschmid

In this episode of CHATTINN CYBER, Marc Schein interviews Steven Kuperschmid, Co-Chair of Cybersecurity and Data Privacy at Ruskin Moscou Faltischek PC. Steven is experienced as a corporate M&A and securities lawyer. During the conversation, Steven shares his knowledge about cybersecurity in M&A deals, how (or whether) it impacts contracts and the different phases to setting an effective buyer-seller deal. He also talks about the growing need for cyber insurance in different industries today.

At what point does cybersecurity integration happen within an M&A deal? Steven explains that it depends on the nature of the target’s business. For the middle and upper-middle markets, like manufacturing and distribution, industrial technology, financial services, and healthcare, cybersecurity needs to be a priority. You must know whether the target business has Personally Identifiable Information (PII) – if so, cybersecurity needs to be prioritized irrespective of the industry.

However, cybersecurity doesn’t change different deal structures. Because a deal is chosen for tax reasons to mitigate the buyer’s risk, cybersecurity is a far bigger problem than the signed contract.

As for the signing of a deal, there are different phases:

  • The discussion phase, where the buyer assesses the value offered by the seller and considers the different risks that might exist.
  • The buyer then assesses the business from a technology point of view, evaluating the seller’s internal policies and cyber hygiene.
  • Lastly, a buyer does a lien search, looking at the lien report to gather more information about the buyer and their underlying debt instruments.

Further in the conversation, Steven covers cyber insurance, explaining its relevance and importance in the cyber security industry. Having a good cyber insurance grasp can ensure the buyer can benefit from them during a data breach.

Listen to the conversation for more details!