Next Investors logo grey

Cyber awareness heightened by the US vs Iran face-off

Published 25-JUN-2019 11:55 A.M.


4 minute read

Hey! Looks like you have stumbled on the section of our website where we have archived articles from our old business model.

In 2019 the original founding team returned to run Next Investors, we changed our business model to only write about stocks we carefully research and are invested in for the long term.

The below articles were written under our previous business model. We have kept these articles online here for your reference.

Our new mission is to build a high performing ASX micro cap investment portfolio and share our research, analysis and investment strategy with our readers.

Click Here to View Latest Articles

“Acquiring a company without proper cybersecurity due diligence is like buying a used car and taking the seller’s word it is in good condition,” says Joe Cardamone, senior information security analyst and NA privacy officer, Haworth. “A company should not automatically trust the hygiene of IT assets. It’s critical to have full visibility into all connected devices and determine whether they are patched, configured properly, and free of malware.”

In this heightened era of cyberattacks and crackdowns, this is sage advice.

It comes as Forescout Technologies, Inc. (NASDAQ: FSCT), the leader in device visibility and control, announced the results of its global mergers and acquisitions (M&A) cybersecurity risk survey – The Role of Cybersecurity in M&A Diligence.

Forescourt surveyed more than 2,700 IT and business decision makers across the United States, France, United Kingdom, Germany, Australia, Singapore and India to examine the growing concern of cyber risks and the importance of cyber assessment during M&A and the subsequent integration process.

“M&A activity can be a game-changing moment in a company’s history, but recent breaches shine the spotlight on cybersecurity issues and make one thing abundantly clear: you don’t just acquire a company, but you also acquire its cybersecurity posture and a potential trojan horse,” said Julie Cullivan, chief technology and people officer, Forescout.

“Cybersecurity assessments need to play a greater role in M&A due diligence to avoid ‘buying a breach.’ It’s nearly impossible to assess every asset before signing a deal, but it’s important to perform cyber due diligence prior to the acquisition and continually throughout the integration process.”

One of the findings is that 81 per cent of IT decision makers (ITDMs) and business decision makers (BDMs) agree that they are putting more focus on an acquisition target’s cybersecurity posture than in the past, highlighting that cyber is a top priority.

That is a big leap forward for businesses, especially those with an M&A mindset, but of course, given macro events, cyber security is more and more front of mind.

US vs Iran

Macro events have been no more evident than in the current face-off between the US and Iran.

President Trump’s military action back down following the shooting down of a US RQ-4A Global Hawk surveillance drone, was backed up by a US Cyber Command retaliatory cyberattack on “an Iranian spy group that supported last week’s limpet mine attacks on commercial ships.

The attack on the Japanese oil tanker, could have ramifications for oil markets as Kokuka Courageous was hit around the same time as the Norwegian-owned Front Altair, which was hit by three explosions, according to the Norwegian Maritime Authority. The ships were in the strategic Gulf of Oman on their way toward the Indian Ocean.

The attack goes to a broader accusation against Iran for committing cyberattacks against oil and the oil and gas industry.

According to Yahoo News: “Analysts at stateside security firms FireEye, CrowdStrike Inc., and Dragos Inc. told the Wall Street Journal on Friday that ‘they had observed suspected Iranian state-sponsored hacking attempts—particularly through spear-phishing attempts’ on US government and private industry targets over the course of the past week, though none of the suspected attacks were successful.

“CrowdStrike said firms in the oil and gas industry were targeted, including with messages that purported to be from the Executive Office of the President. The Associated Press confirmed those reports on Saturday, though it also noted it was unclear if any of the attacks was successful and that if the attackers did gain access to any of the systems they may not immediately exploit it.”

The US has launched cyberattacks against Iranian infrastructure previously; the Stuxnet computer worm being the most infamous as the US looked to destroy centrifuges at Iran’s Natanz nuclear enrichment facility.

The latest US cyberattack saw the President sign off on an attack to knock out Iranian missile control systems.

Where this posturing by both countries leads us remains to be seen, but it does highlight the growing use of cyber tools as weapons at the highest levels.

There is no good that can come out of it, except a growing awareness of the crippling nature of a cyberattack.

Businesses take note.

General Information Only

S3 Consortium Pty Ltd (S3, ‘we’, ‘us’, ‘our’) (CAR No. 433913) is a corporate authorised representative of LeMessurier Securities Pty Ltd (AFSL No. 296877). The information contained in this article is general information and is for informational purposes only. Any advice is general advice only. Any advice contained in this article does not constitute personal advice and S3 has not taken into consideration your personal objectives, financial situation or needs. Please seek your own independent professional advice before making any financial investment decision. Those persons acting upon information contained in this article do so entirely at their own risk.

Conflicts of Interest Notice

S3 and its associated entities may hold investments in companies featured in its articles, including through being paid in the securities of the companies we provide commentary on. We disclose the securities held in relation to a particular company that we provide commentary on. Refer to our Disclosure Policy for information on our self-imposed trading blackouts, hold conditions and de-risking (sell conditions) which seek to mitigate against any potential conflicts of interest.

Publication Notice and Disclaimer

The information contained in this article is current as at the publication date. At the time of publishing, the information contained in this article is based on sources which are available in the public domain that we consider to be reliable, and our own analysis of those sources. The views of the author may not reflect the views of the AFSL holder. Any decision by you to purchase securities in the companies featured in this article should be done so after you have sought your own independent professional advice regarding this information and made your own inquiries as to the validity of any information in this article.

Any forward-looking statements contained in this article are not guarantees or predictions of future performance, and involve known and unknown risks, uncertainties and other factors, many of which are beyond our control, and which may cause actual results or performance of companies featured to differ materially from those expressed in the statements contained in this article. S3 cannot and does not give any assurance that the results or performance expressed or implied by any forward-looking statements contained in this article will actually occur and readers are cautioned not to put undue reliance on forward-looking statements.

This article may include references to our past investing performance. Past performance is not a reliable indicator of our future investing performance.