MH Media & Technology

Tuesday 22nd April, 2014

Cyber Security and Online Datarooms

With the encouraging signs of economic recovery comes the inevitable increase in corporate finance activity including mergers and acquisitions, investments and IPOs.

Often the largest task in such activity is the due diligence undertaken by the buyer/ investor on the company it is looking to buy or invest in. To do this the ‘target’ gathers together commercially sensitive and other confidential information to be analysed by the buyer’s or investor’s advisers, help inform the terms of the purchase or investment and manage, primarily, the buyer’s or investor’s risk.

Over the past five years there has been a shift to online solutions for hosting this information, online data storage services such as OneDrive, Google Drive, DropBox etc or bespoke services, typically provided by an adviser, are replacing physical ‘datarooms’.

These services are more efficient and convenient, but the risk that this information can be compromised online is arguably higher than using a physical dataroom. Unauthorised access to confidential information can have a dramatic impact on a transaction and the target.

The Corporate Finance Faculty at the Institute of Chartered Accountants in England and Wales (ICAEW) recently published a short paper (Cyber Security in Corporate Finance) highlighting the cyber security risks associated with sharing such information online.

The paper highlights the various stages of a transaction, providing guidance and detailed considerations for businesses, and examples of security breaches and their consequences.

We briefly consider below the limited legal protections and some practical measures to reduce the risk of a breach.