In an op-ed for the Harvard Business Review, Chirantan Chatterjee and D. Daniel Sokol write about how organizations need to be more mindful of other companies' data security before planning a merger or acquisition. The authors cite Marriott and Verizon as examples of two companies that acquired other entities without knowing they had suffered data breaches. Marriott now faces $912 million in fines under the EU General Data Protection Regulation after a breach of Starwood's systems, while Verizon was able to renegotiate its acquisition price of Yahoo. "When an acquirer does not protect itself against a data lemon and seek sufficient information about the target’s data privacy and security compliance, the acquirer may be left with a data lemon — a security breach, for example — and resulting government penalties, along with brand damage and loss of trust," the authors write.
If you want to comment on this post, you need to login.