Outside-in cyber review

From ACT Wiki
Jump to navigationJump to search

Cyber security - due diligence - preliminary work.

An outside-in cyber review is a limited scope assessment of another organisation's cyber security, using information in the public domain.

It is sometimes known as open-source intelligence (OSINT).


Outside-in review for an acquirer
"At the preparation stage, an acquirer or an investor will have no access, or extremely limited access, to the potential acquisition target...
There may be recent domain name registrations, which have the potential for domain name spoofing during the M&A process.
These registrations can be searched for ahead of any process beginning in earnest.


Dark web searches, a review of information on the ICO’s database, digital profiling and digital reconnaissance, and any public information that might be available will all be part of an outside-in review.
It will involve checks for:
  • Breached credentials and passwords related to the high-level domain of the target, which may be found being traded on the dark web;
  • Whether key individuals’ email addresses have been compromised;
  • Occurrences of [other] data leaks... which may also be traded on the dark web...


It is possible that the outside-in review may reveal significant cyber risks that constitute a red flag for the deal to proceed."
Cyber security in corporate finance - ICAEW - 2024 - p16.


See also


Other resource