ACA Aponix, part of the ACA Compliance Group (ACA), has launched PortCo Defend, a cybersecurity risk management program and dashboard, designed to help private equity firms assess and centrally monitor security threats to their portfolio companies (PortCos). Available now, PortCo Defend gives private markets a holistic view of their their PortCos’ cybersecurity risk and provides oversight to track the progress of all their PortCos’ efforts to remediate gaps and achieve their cybersecurity targets.
With 46 per cent of businesses reporting at least one security incident since the start of the Covid-19 pandemic, firms globally are challenged with a continued stream of threats that can prove costly and reputation damaging. This problem is escalating, with 68% of business leaders believing cyber risks to their companies are increasing.
For private equity firms, the potential impact of a cyber threat can extend to the firms they oversee and across a range of sectors. Simply performing an IT due diligence test upon initial investment in a company is not enough. Cybersecurity, privacy, and risk should be ongoing concerns throughout the investment lifecycle. According to the 2020 NSCP / ACA Aponix Cybersecurity Compliance Programs Survey, 8 per cent of private equity firms have not reviewed any of their portfolio companies and of those who do, only 7 per cent of firms are reviewing more than 76 per cent of their PortCos.
Carlo Di Florio, Global Chief Services Officer, ACA Compliance Group, says, “Increased cybersecurity risks combining with the evolving challenges of the Covid-19 pandemic – a phenomenon ACA calls RiskMutation – mean private equity leaders need enhanced capabilities while also improving the efficiency, resilience, and scale of their programs.”
Chad Neale, Transaction Advisory Partner, ACA, says: “Ransomware and phishing attacks will continue to rise in 2021 and beyond, and cyber-criminals have private equity firms and their portfolio companies in their crosshairs. PE firms must take action to protect their investments. But we also understand from working with hundreds of global private equity firms and their portfolio companies, the challenges, costs, and time considerations faced by the sponsor when introducing a program like this to their management teams. We have built PortCo Defend to reduce the burden of managing cybersecurity on the sponsor and to show the value of the investment to the PortCos in improvements to their cybersecurity posture.
“PortCo Defend is designed to clearly identify the portfolio investments that represent the greatest cyber risks, establish an actionable remediation roadmap and ongoing monitoring through a methodology that minimises impact on management, and provides enough fidelity into the unique cybersecurity risks across the portfolio to drive change where needed.”
Portco Defend is the latest cyber security offering in ACA’s cybersecurity, privacy and risk portfolio. The related Portco Protect offering is also available as part of a partnership with Alliant to help underwriters understand cyber risk and results in better coverage and more favourable premiums.
