What security leaders should watch for when companies buy or sell a business

In this Help Net Security video, Lane Sullivan SVP, CISO and Strategy Officer at Concentric AI, explains what security leaders should think about during mergers, acquisitions, and divestitures.

Sullivan talks about the types of risk an acquiring company can take on, including cyber exposure, compliance duties, and past governance decisions. He outlines why data handling matters throughout the process, from deciding what should move to keeping records of how data was sent and received.

The discussion also covers AI systems that may shift during a deal and why security teams need to know how those systems were trained. Sullivan walks through the steps that matter before the deal, during the transition, and after integration begins. He also notes the importance of identity changes, access reviews, and a disciplined close out once the work is complete. The goal is to help leaders manage risk and keep operations stable.