Cyber threats such as data breaches and cyber-attacks pose one of the biggest risks to businesses today.

However, more than a third (40%) of firms looking to acquire another organisation have discovered a cyber security problem with the company they’ve bought after the deal has been done.

Why is cyber due diligence so important?

Addressing cyber due diligence as part of the M&A process reaps a number of benefits for you, as the acquiring firm.

Not only this, it mitigates against current and future risks, allowing you to budget for any issues identified It can even add value to the target organisation by addressing some common post-acquisition security issues.

It helps you to understand the full extent of the cyber threat landscape internally and externally in the run up to an acquisition, as well as after the deal has been done.

Not only this, it mitigates against current and future risks, allowing you to budget for any issues identified throughout the process, such as breach related regulatory fines, IP issues or reputation management costs.

Assessment benefits

As part of the assessment process, you will receive recommendations for action and change – from security of data and business resilience, to threat and vulnerability identification within your target organisation, giving you greater ability to monitor and respond to cyber threats.

Pre Acquisition

Review: Risk overview of target organisation data and infrastructure

Investigate: Breach analysis, identifying anomalous behaviour and whether the estate has been compromised

Post Transaction

Target State: Outlines the required operating model and organisation structure for optimum capability now and in future

Roadmap: Outlines improvements, showing priority areas and risk with indication of costs and impact

Pre Exit / Health Check

Assessment: Governance, risk and compliance assessment that will determine cyber and privacy risk score

Report: Consolidated report including risk analysis, technical findings and recommended remediation steps


Our assessments focus on the areas that are most important to investors, delivering outcomes which highlight opportunities to mitigate risk and reputational damage, whilst enhancing security posture, enabling cost reductions and creating better operational efficiency with people and processes.

At 6point6 we are uniquely placed to provide security consultancy at every level, from strategy, architecture and engineering, to intelligence and Cyber Lab services – a core business unit which keeps us at the forefront of threat intelligence and cyber innovation.

We have a successful track record working in both the public and private sector on cyber due diligence issues as part of the M&A process.

Find out more

Insights from our experts

Want to find out more?

Speak to our experts in: