Don’t Let Data Risks Spoil Your M&A Party

Multicolored strands come together to form a thick thread

The global market for mergers and acquisitions reached new heights last year, and many expect the frenzy to continue in 2022. The latest annual survey from Pitchbook estimated there were 38,000 merger and acquisition (M&A) transactions in 2021, with just shy of US$5 trillion in deal value.

That’s a lot of activity. But despite the lofty goals and growth projections that drive M&A decision making, history shows these transactions don’t always convert into corporate value. In one study, for example, Deloitte analyzed 116 M&A deals that were explicitly “growth-oriented,” and found that only 27% helped those companies grow faster than their historical rate.

POST-DEAL INTEGRATION AND SYNERGIES

There are of course, many reasons why companies fail to realize the cost or growth synergies anticipated for a deal; economic and political issues and “people” and cultural differences are often cited.

Some companies simply fail to manage the huge operational complexity of acquiring or selling a business. This can include failing to manage the risks inherent in the buyer’s or seller’s data. This is a significant issue when you consider that global data volumes double every three years or so and more than 80% of the world’s data is unstructured, such as emails, making it harder to manage and understand.

Challenges in managing corporate data can lead companies to struggle with issues such as:

  • Identifying and retaining the company’s commercially sensitive information and intellectual property
  • Identifying compliance risks in the target company’s data
  • Locating key contracts for day-one operations and maintaining effective systems for managing issues like third-party risk.

These struggles can have dire consequences down the track. Highly priced intellectual property may turn out to be kept haphazardly across multiple storage systems, making it hard to consolidate and extract value from. In the case of a divestiture, it may get left behind with the parent entity or inadvertently sent off with the buyer. The acquiring company can also inherit compliance risks – in the current environment, especially privacy risks – which lead to regulatory action or litigation when things blow up post-acquisition.

RETAINING VALUE, MINIMIZING RISKS

How can companies avoid leaving value on the table or acquiring unforeseen risks? Over many years of working with companies and their advisors on M&As, Nuix has developed a robust approach to understanding and addressing these data governance and risk issues. 

In one example, Nuix worked with a global pharmaceutical company to avoid it sending off its critical intellectual property along with the subsidiary it was divesting. To achieve this, Nuix had to search the subsidiary’s datacenters for the parent’s intellectual property. This meant finding IP across millions of emails, documents and other unstructured records and then remediating the data, all under tight commercial deadlines. 

OUR PROCESS

Our process, in broad strokes, is detailed in the diagram below.

Workflow diagram. Define: Define what data is in scope. Assess: Assess the data environment. Identify & extract: Find who holds the data, extract and collect it. Process: Make the data searchable. Analyze & understand: Review and classify the relevant data. Act: Move, delete, copy or manage the data.

The main advantages of using Nuix technology and workflows, for the buyer or selling company, include:

  • We can find and collect data (such as critical intellectual property) from local and remote repositories, including laptops and desktops, email servers, file shares and cloud sources
  • Our efficient and scalable processing turns more than 1,000 file formats into meaningful and searchable information by capturing the content and metadata
  • Our browser-based review software enables fast and efficient collaboration for merger teams to analyze, classify and report on findings
  • Once you have classified data, you can defensibly move or delete it, copy it or flag it for further action.

Just as importantly, in M&A transactions the parties need to review huge amounts of data under the shadow of commercial and regulatory deadlines. Most of our customers say that compared to competitors, Nuix has the fastest data processing, can review the widest variety of file types and can handle the largest volume of data.

Equally exciting is that this workflow is not just a one-off exercise. Once you’ve gone to the trouble of setting it up, it can deliver ongoing value for the merged entity. The target company and its acquirer can scan for changes up to the merger deadline and proactively monitor to maintain compliance and deliver data and cost efficiencies afterwards.

Source: https://www.nuix.com/blog/dont-let-data-risks-spoil-your-ma-party

The State of Contemporary Digital Investigations – Part 2

Since my early days of forensics, like data storage and available devices, data transfer cables were a growth area. To stock a competent digital forensics laboratory, you needed to have the cables and adapters to read all the devices you might find in the wild. These included IDE, the occasional RLL and about 100 different configurations of SCSI cables. Along with these cables, it was important to have the appropriate write blocking technology to enable proper preservation of digital evidence while duplicating it.

Times have naturally changed, as I discussed in part 1 of this series. As storage interfaces grew and changed, the type and number of these write blockers grew at the same time. The investigator needed to show up in the field, confident that no matter the size and configuration of a storage device, they had the equipment to properly interface with it and conduct analysis.

While the need to be prepared and competent has not diminished in the slightest, the sheer volume of digital data found at a given crime scene or under a search warrant has exploded, from a bunch of floppy disks and maybe a hard drive or two in the late 90s to multiple tens of terabytes or more in the 2020s. This dramatic increase in raw data has required the high-tech investigator to learn additional strategies to find key data on-site, possibly before performing full forensic analysis in a lab. Tools like Nuix Data Finder and Automatic Classification can be deployed in the field to find crucial items of digital evidence now, not 6-12 months from now when the laboratory backlog gets to your case.

THE DIFFERENCE IN DECADES

I mention ‘prepared and competent’ because it can’t be overstated that what was required in the 90s is darn near trivial when compared to the massive scope of the digital investigations field today.

In a nutshell, investigators in the 90s required knowledge of:

  • Windows
  • DOS
  • Linux
  • To a very minor extent, Macintosh/Apple.

The knowledge included how their file systems worked and the technical ability to analyze floppy disks and hard drives using:

  • IDE
  • RLL
  • SCSI

While networking could be a factor in business investigations, most people using their computers at home dialed up to their service provider and the records were fairly easy to understand.

Fast forward to today and what investigators need to know dwarfs all past generations:

  • Windows (multiple flavors)
  • Linux
  • OS/X
  • iOS
  • Android
  • Storage
    • SATA/SAS spinning disk
    • SATA/SAS solid state disk
    • IDE disks
    • SCSI disks
    • NVME disks
    • M2.Sata disks
    • Flash storage
      • SD/Mini-SD/Micro-SD
      • Compact Flash
    • USB 2/3/C hard drives
    • Wireless hard drives
    • Home cloud drives
    • Cloud storage
      • Azure
      • AWS
      • A variety of smaller/foreign cloud services
  • Connectivity
    • IPv4 networking
    • IPv6 networking
    • Bluetooth
    • Wi-Fi
    • 3G/4G/5G
  • Devices
    • Digital cameras with and without network connectivity
    • Tablets IOS/Android
    • Raspberry PI
    • Drones
    • Internet of Things (IOT)
    • Data centers
  • Security
    • Encryption – So many impacts on file storage and networking that it deserves its own novel
    • Multi-factor authentication

This list goes on and on. It’s almost impossible to recognize the field of high technology investigations when comparing the decades of development and advancement. It’s hard to imagine how a modern investigator can even be moderately competent given the breadth of knowledge required.

After all this history, I’m sure many readers will have some of the same questions. I’ll try to answer what I know I’d be asking, but I encourage you to reach out if you have others that I don’t cover here!

How Can Our Team Cover The Breadth Of Knowledge You’ve Outlined Here?

Having the properly trained and experienced personnel assigned to the cases involving the skills they are most experienced in is vitally important. Given the amount of available information out there, it is inconceivable that there is a single person in any organization who is best able to handle every type of case.

It’s also important to have the appropriate technical and hardware resources on hand to address the challenge of each type of data (and the platform it lives on).

What’s The Key To Ensuring We Are Focusing On The Right Pieces Of Evidence?

The one constant in my high-tech investigations tenure is the ability to interact competently with all types of people. Learning to interview and interrogate where appropriate and paying close attention to the facts of a case, including environment, are crucial components to locating all the data types required in each scenario to perform a thorough examination.

Secondary to the staff’s personal competence and their ability to ask pertinent questions about the environment they are investigating, is having a deep bench in terms of hardware, software and intelligence that will guide them to all available sources of digital evidence. Further, by having the knowledge and experience to learn all about the environment under investigation, the entire staff will be deeply steeped in the art of triage. This enables them to focus on most-likely-important evidence first and widen the scope needed to obtain all the facts without crushing themselves under the weight of trying to analyze ALL.

Which Tools Do You Recommend As Imperative For An Investigative Team?

This is a slam dunk. Nuix Workstation gives me the single pane of glass to all the evidence types I’m interested in, while Nuix Investigate® allows me to present all the evidence I’ve collected and processed to support staff and case agents, who will perform the detailed review of documents and communications to determine their relevance to the case.

How Do We Fill In The Gaps?

Again, I’ve got the core of most of my needs in the Nuix suite of tools. Where Nuix does not have a solution, like threat intelligence feeds or cooperative intelligence like the ISACS, I can incorporate information from those feeds directly into my Nuix cases and correlate across all the available data to solve the questions posed by the investigation.

EMPOWERING THE MODERN-DAY INVESTIGATOR

We know investigations take on many different forms depending on where you work. While criminal investigations will differ in some ways from, for example, a corporate environment, many of the details remain the same.

I encourage you to visit the Solutions section of our website and see for yourself how Nuix helps investigators in government, corporations, law enforcement, and more.

source: https://www.nuix.com/blog/state-contemporary-digital-investigations-part-2

Nuix Partners with EDMS Consultants to Target Mining, Energy, and Utilities

Perth, Australia – May 11, 2021, Global software company Nuix (www.nuix.com, ASX:NXL) and leading solution provider EDMS Consultants, have announced a new partnership to offer Nuix solutions to the natural resources sector in Western Australia and ASEAN region.

Both companies aim to provide litigation and investigations technology to support the booming natural resources sector which faces increasing regulations, class actions, cybersecurity and privacy issues, internal investigations, and intellectual property disputes.

“Throughout the years we have been in the business, the energy, resources, and utilities sectors are among the most highly regulated industries,” said Peter Buck, Business Development Director of EDMS Consultants. “Now more than ever, operators need full access to their unstructured data or data silos to ensure regulatory compliance.”

He added, “We have worked with PETRONAS, BP, Exxon, PTTEP, and KPOC (PETRONAS/ Shell / ConocoPhillips) on various services throughout the years, and we believe based on experience Nuix has the ideal solution for big organisations with unstructured data”.

The explosion of unstructured data places an increasing burden on large enterprises – especially those in the mining and energy sector that manage very complex projects – to sort through the massive volumes of content they gather, generate and exchange every day. Added to this challenge, the often remote and distributed business model with operations and assets spread over a wide geographical area means that information governance and data access are crucial.

‘’Nuix has a proven history of partnering with large enterprises to solve their messy data challenge,’’ said Jonathan Rees, Nuix Executive Vice President, International. “We have the world’s leading technology for extracting intelligence from high volumes of structured and unstructured data, forged from our experience with regulatory inquiries. Opening new markets and customer segments will continue our growth path and I am excited to partner with EDMS, to drive our combined solution and services, into the wide footprint EDMS has in the natural resources industry.”

About Nuix

Nuix (www.nuix.com, ASX:NXL) creates innovative software that empowers organisations to simply and quickly find the truth from any data in a digital world. We are a passionate and talented team, delighting our customers with software that transforms data into actionable intelligence and helps them overcome the challenges of litigation, investigation, governance, risk, and compliance.

About EDMS

EDMS is a leading solution provider in the Asia Pacific Region, providing enterprise data solutions to the Energy, Resource & Utility industry. We continuously explore and find the best solution to offer our clients. We have a multi-disciplined team of specialists, based in Kuala Lumpur, Malaysia, and Perth, Australia to support our clients. EDMS has implemented projects to the leading Energy, Resource & Utility throughout the region.