FTI Consulting Study Reveals Cybersecurity Attacks Are an Increasing Threat to M&A

Third Installment of CISO Redefined Series Highlights Correlation between Cyber Attacks and Transactions, an Emerging Risk for Dealmakers as M&A Volumes Rebound

WASHINGTON, March 17, 2026 (GLOBE NEWSWIRE) -- FTI Consulting, Inc.’s (NYSE: FCN) Cybersecurity and Data Privacy Communications practice today released the third installment of its “CISO Redefined” series, CISO Redefined III: Navigating Cybersecurity Risks in Transactions, which looks at the increasing correlation between cybersecurity incidents and corporate transactions.

According to the findings, nearly 1 in 4 executives has experienced a cyber incident during or shortly after a transaction, with nearly half of respondents (42%) experiencing significant deal value reduction. More than half (58%) said financial targets were impaired, while 20% said their deals were either delayed or paused due to a cyber incident.

“Threat actors are smart; they read the news and know companies tend to be vulnerable when they’re trying to close or right after when they’re integrating systems — and that’s when they try to break in,” said Meredith Griffanti , Global Head of the Cybersecurity and Data Privacy Communications practice at FTI Consulting. “The incident ends up costing the acquirer big time, and most often, the target and acquirer haven’t even begun to think about how to integrate their security plans, let alone how they’ll work together to respond to a cyber crisis if it occurs right after a deal closes. That lack of coordination can have serious blowback on reputation.”

According to CISO Redefined II, which was released in 2024, the vast majority of CISOs feel their role is misunderstood by company leadership, and they struggle to communicate in a non-technical way that other executives can understand. This sentiment explains the results of the latest survey, which show that the CISO’s voice and opinions — and therefore cyber risk — are not being prioritized.

Going further, 67% of heads of M&A and 76% of general counsel said the CISO is very critical during a transaction. However, 34% of CISOs said they are not heavily involved in contributing to decisions when executing transactions, and 1 in 3 CISOs do not believe they have the authority or are unsure of whether they can stop a transaction if cybersecurity risks are too high.

Other key findings:

• One in 4 CISOs say their leaders push to close deals quickly over conducting thorough cybersecurity due diligence.
• Only 17% of CISOs said that collaboration between cybersecurity and corporate development teams significantly increased during the transaction period. By contrast, 34% of general counsel felt collaboration significantly increased — showing a notable disconnect.
• Only 23% of executives say they manage cybersecurity risks proactively post-close. This decline in vigilance creates a meaningful exposure point for the organization, which coincides with when attacks tend to occur.

“Deal teams need to account for cyber risk much the same way we think about leak risk. These unexpected disruptions can create confusion, shift value and slow negotiations,” said Pat Tucker , Americas Head of M&A and Activism at FTI Consulting. “It is essential that dealmakers recognize that transactions are increasingly becoming highly visible targets for threat actors. If deal value is going to be successfully realized, this risk needs to be mitigated more effectively.”

Survey Methodology
FTI Consulting surveyed 100 CISOs, 78 heads of M&A, and 100 general counsel across U.S.-based public and private organizations with at least 500 employees, representing a majority of companies with a market cap of $5 billion or more, to understand how key leaders collaborate with each other and weigh cybersecurity priorities during and after M&A deals. The survey was conducted online between August 12-26, 2025. For questions on the methodology, please contact James.Condon@fticonsulting.com.

About FTI Consulting
FTI Consulting, Inc. is a leading global expert firm for organizations facing crisis and transformation, with more than 8,100 employees located in 32 countries and territories as of December 31, 2025. In certain jurisdictions, FTI Consulting’s services are provided through distinct legal entities that are separately capitalized and independently managed. The Company generated $3.80 billion in revenues during fiscal year 2025. More information can be found at www.fticonsulting.com.

FTI Consulting, Inc. 
555 12^th Street NW
Washington, DC 20004
+1.202.312.9100

Investor Contact:
Mollie Hawkes
+1.617.747.1791
mollie.hawkes@fticonsulting.com

Media Contact:
Nick Emmons
+1.617.510.1676
nick.emmons@fticonsulting.com

Source: FTI Consulting, Inc.