The impact on valuations
As many PE firms are focused on growing and optimizing their portfolio companies, investing in cyber risk management is a great way to preserve value and manage against introducing critical risks into the company.
It’s important to have an emphasis on value creation but neglecting cybersecurity risks can also leave portfolio companies open to additional threats and reduced value during due diligence. An investment in cybersecurity measures will not only better manage the risk of cyber threats against the portfolio company, but it can also improve valuations and avoid a negative impact on company worth and value deterioration if a breach were to occur.
Companies that have been the victim of attacks have seen their value decrease. For example, Verizon lowered its original offer for Yahoo by US$350 million in 2017 after the internet company revealed two data breaches. And SolarWinds—a software company majority owned by two private equity firms—saw its stock drop 40% in one week in December 2020 after U.S. government agencies were breached through its software.