Due Diligence in Cybersecurity
Introduction Due diligence can be defined as an action that is considered reasonable for people or businesses to be expected to take to keep themselves or others and their assets safe from harm. Due diligence is often associated with legal matters and corporate acquisitions. As cybersecurity moves slowly beyond being technology and encryption focused to include other specialists making use of due diligence to aid in protecting company assets and to mitigate risks is vital. So what is cybersecurity due diligence? The term has been defined as “the review of the governance, processes and controls that are used to secure information assets.” Such due diligence obligations may exist between states, between non-state actors (e.g., private corporations), and between state and non-state actors. This blog will examine the issues surrounding due diligence in cybersecurity and why they are vital to preve...