By Daimon Geopfert, Principal, Risk Advisory Services, RSM US LLP

For private equity firms, assessing the vulnerability of a prospective portfolio company’s information technology infrastructure is essential, no matter how small the target. The 2016 NetDiligence Cyber Claims Study found that nearly 90% of claims submitted were from companies with less than $2 billion in revenue.

Get Our Icahn eBook!

Get our entire 10-part series on Carl Icahn and other famous investors in PDF for free! Save it to your desktop, read it on your tablet or print it! Sign up below.

Algorithms
markusspiske / Pixabay

Here are eight of the biggest red flags for any potential acquisition:

  1. The team can't answer basic questions
    It seems obvious, but even companies that appear extremely sophisticated often fall short. If you start asking simple questions—what type of sensitive data does your company possess, and how does it handle it?—and answers aren't forthcoming, dig deeper.
  2. It's young and high-growth
    New high-growth companies don't just outgrow office space—they often strain existing infrastructure, controls, and processes.
  3. It's in a highly regulated industry
    Is the business in healthcare, consumer and retail, or financial services? Don't think twice—investigate deeply. At some point, a regulator is going to pay a visit.
  4. It works with government agencies
    Privatization has been a boon for private equity investors, but doing business with government also means grappling with legacy or specialty government systems and rigid government standards and contracts.

To learn more about the other four red flags, click here.

This article represents the author's views only and doesn't necessarily represent the views of PitchBook.

Article by PitchBook