Page 87 - Cyber Defense eMagazine March 2024
P. 87

Ongoing portfolio monitoring

            Timing: Ongoing with the cadence of the reports defined by the customer.

            Used for: Identify new threats that emerge in their existing portfolio.

            Deliverable: Ongoing monitoring of a portfolio of companies managed by an M&A entity.

               •  Monthly report with alerts for emerging threats.
               •  Provides an updated list of areas of concern, areas of future research, and mitigations.




            Conclusion
            As part of the M&A vetting process, the acquirer is expected to evaluate the source code for misused
            open-source code, unknown vulnerabilities, and a pen test of the entity's network.  Some will go deeper
            and rely on a CTI vendor for a deeper scan.  However, they usually rely on vendors who can only access
            TOR and the surface web, which gives their clients incomplete visibility and will often miss material issues
            they are concerned about.  Often missing more notable events than they discover. However, an in-depth
            CTI  for  an  M&A  effort  can  answer  critical  questions  that  the  acquiring  company  needs  to  know  to
            determine the risks of acquiring or making a strategic investment.



            This article is an abstract of a more extensive blog.  The blog can be found here.



            About the Author

            Shawn Loveland is the COO of the Resecurity.  Shawn Loveland is an
            experienced  professional  in  the  technology  and  cybersecurity  field,
            with over 35 years of industry expertise. He has worked for both small
            and large companies and has received 15 US patents and numerous
            international patents in computer security and telephony.

            As the COO of Resecurity, Shawn aids Resecurity in providing practical
            solutions  to  our  clients  against  the  current  threat  landscape.  He
            conducts  proactive  threat  research  and  helps  clients  assess  their
            Cyber Threat Intelligence (CTI) programs. He also provides customized intelligence services tailored to
            meet their unique needs. Before joining Resecurity, Shawn was responsible for dark web intelligence at
            Microsoft.

            Shawn  can  be  reached  online  at  (Shawn  Loveland  |  LinkedIn)  and  at  our  company  website
            www.resecurity.com








            Cyber Defense eMagazine – March 2024 Edition                                                                                                                                                                                                          87
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.
   82   83   84   85   86   87   88   89   90   91   92