Key benefits of using outsourced experts for due diligence consulting are access to expertise, experience and objectivity. This outsourced expertise can find the issues you need to consider prior to your decision thereby increasing the likelihood of success of your transaction. But how do you find and select a due diligence firm? The following is some context based on our experience:
Finding the right due diligence firm:
Clients find us several ways. Most come to us through referrals or word of mouth. Others have come after hearing us present at conferences. We have gained some clients because we are connected to them in social media, which allowed them to evaluate and learn about us prior to establishing contact. The ways clients find us has shaped our perspective on how companies find a due diligence firm. Clients always find us through trust-based networking. We recommend you use a similar path as you look for a due diligence firm.
Selecting a due diligence firm:
In due diligence teams, trust is the key component. Our strongest recommendation is that you work with due diligence providers that you already know and trust. If you are considering a transaction in an area unfamiliar to you and you need to reach out to a firm that works in a different domain, we have some recommendations for you there as well:
- Since trust is critically important, use your network. Ask peers who they have used in that domain. Also ask your investors or members of the investment banking community, especially those that have experience in the domain you are working in.
- Look for the right expertise. Big acquisitions take a team. Be sure your team has the right mix. (for evaluations of firms that provide enterprise technology capabilities or that work in the national security sector, Crucial Point is without rival).
- Avoid conflicts of interest. You may have very smart professionals in your own company who are familiar with the domain of interest but who have a vested interest in having the decision go one way or the other. The same is true of some outside firms. Ensure the firm you pick has no conflicts of interest.
- Seek firms that can work with you post-transaction. The integration of a firm into your portfolio can be helped by you being aware of information from the due diligence phase, and you will want to work with your due diligence team after transaction on many matters.
- Meet with the firm as soon as you can, so you can evaluate the firm’s potential. In person meetings will give you a feel for their spirit and ability to deliver.
- Find firms that are known for building long-term relationships. This gets right back to the key point. Trust is critically important and when you find a due diligence firm that you trust you will want to keep the dialog going with them, long term.
- Ask for a proposal. A good firm will be ready to produce one on short order.
Questions/comments/suggestions? Please contact us for more information.
Additional Due Diligence Information:
- Crucial Point Due Diligence Services: A summary of our offerings
- Our Technology Due Diligence Process: Our core processes
- Due Diligence in Cybersecurity: Experience Matters
- Due Diligence in Defense, Intelligence and National Security: A specialty
- IT Due Diligence: Analyze target company IT infrastructures, processes and people
- CTO Consultants for Technology Due Diligence: A key focus area for Crucial Point
- How to Find and Select a Due Diligence Firm: Tips from the Crucial Point team
OODA LLC: Put our team of experts on your side
Crucial Point is now part of OODA LLC. OODA helps our clients identify, manage, and respond to global risks and uncertainties while exploring emerging opportunities and developing robust and adaptive strategies for the future. We are a global strategic advisory firm with deep DNA in global security, technology, and intelligence issues. OODA offerings include: Security Services including CISO-as-a-Service We live in…
Announcing OODA LLC: Helping clients identify, manage, and respond to global risks and uncertainties
We have some exciting news to announce. We are now part of OODA LLC. If you have a background in cybersecurity or the military or are a student of decision theory you can probably tell our company name is meant to honor one of the greatest warrior thinkers of the modern age, Air Force Colonel John Boyd. Boyd was an…
Updated Cybersecurity Best Practices
We capture lessons we learn in helping clients continually improve their cybersecurity posture. We also track adversary behaviors on a daily basis at ThreatBrief.com and capture lessons learned and shared from across the community. We maintain a succinct list of these best practices for your reference. Find them at The Crucial Point Guide to Cybersecurity Best Practices. Reducing digital risk…
Leveraging The FFIEC Cybersecurity Assessment Tool (CAT) To Improve Corporate Culture and Raise Security Posture
You know compliance does not equal security. We wonder if the folks who write all these compliance rules believe that, but we know you know it. Still, if you do it right, you can use compliance reviews and evaluations to help you reduce risk. The art form is to find balance. You have to make sure you comply but do…
Complying With The GDPR: Easier with a CTO on your side
If you interact with companies in Europe or hold data on any EU citizen you must comply with the European Union’s (EU) General Data Protection Regulation (GDPR). It much easier to do that with an experienced CTO on your side. For a good update on the GDPR see: EUGDPR.org The GDPR is the most important change in data privacy regulation…
Technology Due Diligence for Mergers and Acquisitions Now Requires Cybersecurity Assessment
Historically due diligence assessments before Mergers & Acquisition (M&A) transactions have focused on traditional risk areas that could pose a significant financial risk, like issues of tax, employment, compliance with regulatory environments, intellectual property protection, and of course contracts. Now that technology is a part of every firm’s business model things have changed. Cybersecurity has become part of every M&A…
The Cost Of Cyber Crime Is Growing: Apply economical mitigation strategies to protect your business
In cybersecurity it is hard for stakeholders to get a picture of the full impact of cybercrime. Two reports this week are the latest to take a crack at it. One of the reports is from McAfee in collaboration with the Center for Strategic and International Studies (CSIS). It shows that cybercrime currently costs the global economy a startling $600 billion annually,…
Guest Post At WhiteHawk: The Most Important Factor in Addressing your Organization’s Cyber Risk
Crucial Point founder and CTO Bob Gourley published a guest editorial at WhiteHawk.com on the topic of organizational cyber risk mitigation. This post, based on years of operational experience, begins: Over the last two decades I have participated in cyber risk assessments across many economic sectors, including in government, the military, healthcare, pharmaceuticals, aviation, defense, manufacturing, and finance. I’ve had…
The Cyber Threat: Best selling cyber intelligence book updated for 2018
The Cyber Threat, the bestselling book from pioneer of cyber threat intelligence Bob Gourley, has now been updated for 2018. The book provides up to date insights into the threat actors in cyberspace including their history and current tactics. The book is full of information of use to executives in multiple sectors of the economy. Bob Gourley was the first…
Crucial Point LLC Founder and CTO Bob Gourley Named To List Of Top Data Miners
Crucial Point founder and CTO Bob Gourley has been named one of the top data miners by Import.io, the platform for web data extraction and use. From the report: In the blossoming world of big data, the data miner is king. Although your own business may already see the value in data, it’s more difficult to understand how to data mine for…
CTOvision One Of The Best IT Blogs 2018: Must-Read Resources for CIOs, IT & Security Pros
CTOvision, the blog focused on enterprise technologists, has been named as one of the best IT blogs for 2018 by VertitechIT. Information Technology. Sometimes we get so focused on the bits and bytes side of the equation we forget about the information part. When it comes right down to it, IT is all about using technology to inform, to communicate,…
Trump signs bill to modernize government IT and cybersecurity
On Tuesday, US president Donald Trump signed the 2018 National Defense Authorization Act (NDAA) into law, which contains a provision that could force the federal government to upgrade its out-of-date IT systems. The Modernizing Government Technology (MGT) Act was enacted as part of the NDAA, but it is facing some roadblocks from Congress. The MGT Act creates a $500 million fund over…
Featured in TheCipherBrief: Companies Need to ‘Think Twice’ Before Retaliating Against Hackers
Bob Gourley is a member of TheCipherBrief.com’s cyber advisory board. The following provides his context on key cybersecurity policy issues of interest to the technology and business community. From: Companies Need to ‘Think Twice’ Before Retaliating Against Hackers The Cipher Brief: When organizations are targeted with cyber attacks, are they able to respond by hacking back – to either retrieve their…
The Automotive Cyber Security Summit: October 25-27 Fremont California
The Automotive Cyber Security Summit is for practitioners in the automobile industry who are working to predict and mitigate both current and future risks due to technology. The event brings together experts from across the auto industry, including manufactures, designers and providers of on-demand services and autonomous vehicles. For more see: Automotive Cybersecurity Summit
The Government Won’t Protect Your Internet Privacy, So Here Is How To Do It Yourself
“Stealing personal information is much easier if all that data is aggregated,” says Bob Gourley, co-founder of Cognitio Corp, a firm that does security consulting, and former Chief Technology Officer of the Defense Intelligence Agency.
Using advanced tracking tools, artificial intelligence, and botnets, a malicious actor could “learn if an individual is going to be out of town at a certain time,” explains Gourley. Similarly, access to personal-finance and medical information could help would-be criminals commit fraud later on.
Bob Gourley on cutting edge tools debuting at RSA
RSA is always a great place to learn the latest technology, tools and procedures for enterprise grade cyber defense.
CTOvision named to FedTech’s list of 50 Must-Read Federal IT Blogs
We were honored again to have our CTOvision blog named to FedTech’s list of 50 must-read federal IT Blogs. From FedTech’s intro to the list: It was a whirlwind year in the world of federal IT, with the White House, Office of Management and Budget, and many agencies focused on cybersecurity, IT modernization, data center closures and optimization, and cloud adoption. Sometimes,…
How the cyber SWAT team tackles the biggest crises (Bob Gourley Comments)
The elite group that works with FBI investigators and DHS is tasked with stopping the threat; Catherine Herridge has the story for ‘Special Report’. Context from Bob Gourley. For more see: FoxNews
What you can do to mitigate the threat of DDoS attacks
The recent DDoS attacks on corporate networks have impacted businesses, their clients and individuals. In this special edition of QSights, cyber risk-reduction experts, Cognitio, provide steps organizations can take to help prevent an attack, to ensure their internal network cannot be used as a platform to attack others and to determine if the right plans are in place to mitigate…
Despite privacy concerns, Microsoft calls Windows 10 ‘the most secure version of Windows’
“Over the last two years we have seen ransomware evolve to the point where it can come in from multiple paths, spread throughout an enterprise and backup holdings while remaining covert to standard detection, and then lock down files all at once causing an enterprise-wide crisis,” Gourley said. “What was once seen as a joke is now one of the…