information security and privacy

Cybersecurity Due Diligence

Cyber due diligence assessments are an essential way to maximize value for sellers and minimize risks for buyers. Conducting pre-acquisition cyber due diligence on M&A deals enables information security and privacy risks to be identified and addressed in the financial and contracting terms. Conducting post-acquisition cyber due diligence can deliver even deeper information security and privacy insights, and provide support for strategic decisions on whether, when and how to integrate IT systems. CRA’s cyber due diligence services provide the visibility required to identify and assess information security and risks in a timely manner and enhance the likelihood of deal success.

We collaborate with clients to develop a risk-based approach to cyber due diligence assessments. The assignments can range from interviews and analytical inquiries to a robust compromise discovery assessment, which encompasses the threat intelligence portfolio of the target entity, including a risk assessment that considers numerous information security industry standards (ISO, PCI, HIPAA/HITECH, NIST). The workstream can conclude with a readiness assessment to help assess the target’s existing incident response capabilities.

Our focus areas


  • 01
    Advanced threat actor compromise
    CRA was engaged by a global service industry company wanted to conduct a compromise assessment as a baseline for their  new cybersecurity program. CRA obtained...
    View engagement
  • 02
    CRA conducts a threat program risk assessment at a large utility
    CRA was engaged by a large utility company that was beginning to stand-up a formalized insider threat program and wanted to assess their current...
    View engagement
  • 03
    CRA hired to investigate malicious insider
    CRA was hired by a global software development company that had a malicious insider sending sensitive information about the CEO and alleged transgressions to...
    View engagement

Subscribe to receive our latest Insights.