Question

Which of the following BEST represents a risk associated with merging two enterprises during an acquisition?

A. The consolidation of two different IT enterprises increases the likelihood of the data loss because there are now two backup systems
B. Integrating two different IT systems might result in a successful data breach if threat intelligence is not shared between the two enterprises
C. Merging two enterprise networks could result in an expanded attack surface and could cause outages if trust and permission issues are not handled carefully
D. Expanding the set of data owners requires an in-depth review of all data classification decisions, impacting availability during the review

Answer 1

Option C, which mentions the risk of an expanded attack surface due to merging enterprise networks, best represents a risk associated with mergers or acquisitions, as it captures potential security vulnerabilities and the increased complexity of managing permissions and trust between combined IT systems.

Step-by-step explanation:

The question pertains to the risks associated with merging two enterprises during an acquisition. One of the major risks is that merging enterprise networks can result in an expanded attack surface, which may lead to security vulnerabilities and potential outages. To elaborate, when two IT systems come together, they bring along their unique security protocols, vulnerabilities, and potential for trust and permission issues which, if not managed correctly, can compromise the integrity and availability of the systems involved.

Option C represents the best risk associated with merging two enterprises: Merging two enterprise networks could result in an expanded attack surface and could cause outages if trust and permission issues are not handled carefully. This option encapsulates the challenges of integrating security architectures and the importance of maintaining rigorous cybersecurity practices during and after the merger.