FTI Consulting Study Reveals Cybersecurity Attacks Are an Increasing Threat to M&A

Rhea-AI Summary

FTI Consulting (NYSE: FCN) released CISO Redefined III on March 17, 2026, finding cybersecurity incidents are increasingly tied to M&A transactions. Nearly 1 in 4 executives experienced a cyber incident during or shortly after a deal; 42% reported significant deal value reduction and 58% said financial targets were impaired.

The survey of 278 senior leaders was conducted August 12–26, 2025, and highlights gaps in CISO involvement, post-close diligence, and cross-team collaboration that create material exposure for dealmakers.

Positive

• 67% of heads of M&A view the CISO as very critical during transactions
• 76% of general counsel view the CISO as very critical during transactions
• Survey sampled 278 senior leaders across companies with ≥500 employees (Aug 12–26, 2025)

Negative

• 42% of respondents reported significant deal value reduction due to cyber incidents
• 58% said financial targets were impaired following cyber incidents
• 20% of deals were delayed or paused because of a cyber incident
• 34% of CISOs are not heavily involved in transaction decisions
• 23% of executives manage cybersecurity risks proactively after close

News Market Reaction – FCN

+0.93%

1 alert

+0.93% News Effect

On the day this news was published, FCN gained 0.93%, reflecting a mild positive market reaction.

Data tracked by StockTitan Argus on the day of publication.

Key Figures

Executives with cyber incident: Nearly 1 in 4 Deal value reduction: 42% Financial targets impaired: 58% +5 more

8 metrics

Executives with cyber incident Nearly 1 in 4 Executives experiencing a cyber incident during or shortly after a transaction

Deal value reduction 42% Respondents experiencing significant deal value reduction after cyber incident

Financial targets impaired 58% Executives reporting impaired financial targets due to cyber incidents

Deals delayed or paused 20% Executives saying deals were delayed or paused by a cyber incident

CISOs see quick-close pressure 1 in 4 CISOs whose leaders push to close deals quickly over cyber due diligence

Post-close proactive risk management 23% Executives who manage cybersecurity risks proactively post-close

Survey participants 100 CISOs / 78 heads of M&A / 100 general counsel Sample sizes in U.S.-based organizations survey (Aug 12–26, 2025)

Company market cap $5 billion or more Majority of surveyed companies’ market capitalization

Market Reality Check

Price: $171.89 Vol: Volume 292,372 is below t...

low vol

$171.89 Last Close

Volume Volume 292,372 is below the 20-day average of 575,778 (relative volume 0.51), suggesting limited pre-news positioning. low

Technical Shares at $161.92 trade 11.86% below the 52-week high of $183.72 and below the 200-day MA of $166.34, indicating a modest pullback within the 52-week range.

Peers on Argus

FCN slipped 0.41% with light volume, while most close peers (HURN, BAH, ICFI, CR...

FCN slipped 0.41% with light volume, while most close peers (HURN, BAH, ICFI, CRAI) also showed declines. However, DGNX gained 3.77%, and no peers appeared in momentum scanners, pointing to stock-specific rather than sector-driven dynamics.

Historical Context

5 past events · Latest: Mar 11 (Positive)

Pattern 5 events

Date	Event	Sentiment	Move	Catalyst
Mar 11	AI adoption study	Positive	+0.3%	Report highlighting rapid generative AI adoption in corporate legal departments.
Mar 09	CFO appointment	Positive	-0.5%	Election of Angela Nam as CFO with prior high-growth aviation experience.
Mar 02	Senior hire mining	Positive	+1.4%	Appointment of Carrie Grimes to strengthen mining transformation practice.
Feb 26	Earnings results	Positive	+5.1%	Record 2025 revenues, strong EPS and guidance, plus sizable buybacks.
Feb 18	Senior hire aviation	Positive	+1.5%	Addition of Scott Davidson to lead aviation-focused business transformations.

Pattern Detected

Recent company news, including record earnings and senior hires, has generally seen share prices react positively, with only the new CFO announcement coinciding with a modest decline.

Recent Company History

Over the past month, FTI Consulting has reported record 2025 revenues and EPS, alongside several senior leadership additions and a study on rising AI adoption in legal departments. The earnings release on Feb 26 coincided with a 5.08% gain, while strategic hires in aviation and mining also saw modest positive moves. Today’s cybersecurity-focused M&A study continues the theme of thought leadership and sector expertise, complementing prior analytics- and transformation-oriented initiatives.

Market Pulse Summary

This announcement positions FTI Consulting as a thought leader on cybersecurity risk in M&A, highlig...

Analysis

This announcement positions FTI Consulting as a thought leader on cybersecurity risk in M&A, highlighting that nearly 1 in 4 executives saw cyber incidents around deals and 42% reported deal value reductions. It complements recent record 2025 results and strategic hires, underscoring the firm’s focus on complex, high-value transactions. Investors may watch how such research translates into mandates for cyber due diligence and post-close advisory work as M&A volumes rebound.

Key Terms

ciso, m&a, cybersecurity

3 terms

ciso technical

"According to CISO Redefined II, which was released in 2024, the vast majority of CISOs..."

A CISO (Chief Information Security Officer) is the senior executive responsible for protecting a company's digital information and systems from theft, loss, or unauthorized access. Think of the CISO as the head of security for the company’s digital vaults: they set policies, oversee defenses, and coordinate responses to cyberattacks. Investors care because effective cybersecurity reduces the risk of costly breaches, regulatory fines, operational disruption, and reputational damage that can materially affect a company’s value.

m&a financial

"an Emerging Risk for Dealmakers as M&A Volumes Rebound..."

M&A, short for mergers and acquisitions, involves one company combining with or purchasing another company to grow, streamline operations, or gain competitive advantages. For investors, M&A activity can signal potential for increased value, new opportunities, or changes in market dynamics, making it an important factor to watch in the business landscape.

cybersecurity technical

"Navigating Cybersecurity Risks in Transactions, which looks at the increasing correlation..."

Cybersecurity involves protecting computers, networks, and digital information from theft, damage, or unauthorized access. It is essential for safeguarding sensitive data and maintaining trust in digital systems, which matters to investors because strong cybersecurity reduces the risk of costly breaches and disruptions that can impact a company’s performance and reputation. Think of it as locking and safeguarding valuable information much like securing a safe to prevent theft.

AI-generated analysis. Not financial advice.

Third Installment of CISO Redefined Series Highlights Correlation between Cyber Attacks and Transactions, an Emerging Risk for Dealmakers as M&A Volumes Rebound

WASHINGTON, March 17, 2026 (GLOBE NEWSWIRE) -- FTI Consulting, Inc.’s (NYSE: FCN) Cybersecurity and Data Privacy Communications practice today released the third installment of its “CISO Redefined” series, CISO Redefined III: Navigating Cybersecurity Risks in Transactions, which looks at the increasing correlation between cybersecurity incidents and corporate transactions.

According to the findings, nearly 1 in 4 executives has experienced a cyber incident during or shortly after a transaction, with nearly half of respondents (42%) experiencing significant deal value reduction. More than half (58%) said financial targets were impaired, while 20% said their deals were either delayed or paused due to a cyber incident.

“Threat actors are smart; they read the news and know companies tend to be vulnerable when they’re trying to close or right after when they’re integrating systems — and that’s when they try to break in,” said Meredith Griffanti, Global Head of the Cybersecurity and Data Privacy Communications practice at FTI Consulting. “The incident ends up costing the acquirer big time, and most often, the target and acquirer haven’t even begun to think about how to integrate their security plans, let alone how they’ll work together to respond to a cyber crisis if it occurs right after a deal closes. That lack of coordination can have serious blowback on reputation.”

According to CISO Redefined II, which was released in 2024, the vast majority of CISOs feel their role is misunderstood by company leadership, and they struggle to communicate in a non-technical way that other executives can understand. This sentiment explains the results of the latest survey, which show that the CISO’s voice and opinions — and therefore cyber risk — are not being prioritized.

Going further, 67% of heads of M&A and 76% of general counsel said the CISO is very critical during a transaction. However, 34% of CISOs said they are not heavily involved in contributing to decisions when executing transactions, and 1 in 3 CISOs do not believe they have the authority or are unsure of whether they can stop a transaction if cybersecurity risks are too high.

Other key findings:

• One in 4 CISOs say their leaders push to close deals quickly over conducting thorough cybersecurity due diligence.
• Only 17% of CISOs said that collaboration between cybersecurity and corporate development teams significantly increased during the transaction period. By contrast, 34% of general counsel felt collaboration significantly increased — showing a notable disconnect.
• Only 23% of executives say they manage cybersecurity risks proactively post-close. This decline in vigilance creates a meaningful exposure point for the organization, which coincides with when attacks tend to occur.
  

“Deal teams need to account for cyber risk much the same way we think about leak risk. These unexpected disruptions can create confusion, shift value and slow negotiations,” said Pat Tucker, Americas Head of M&A and Activism at FTI Consulting. “It is essential that dealmakers recognize that transactions are increasingly becoming highly visible targets for threat actors. If deal value is going to be successfully realized, this risk needs to be mitigated more effectively.”

Survey Methodology
FTI Consulting surveyed 100 CISOs, 78 heads of M&A, and 100 general counsel across U.S.-based public and private organizations with at least 500 employees, representing a majority of companies with a market cap of $5 billion or more, to understand how key leaders collaborate with each other and weigh cybersecurity priorities during and after M&A deals. The survey was conducted online between August 12-26, 2025. For questions on the methodology, please contact James.Condon@fticonsulting.com.

About FTI Consulting
FTI Consulting, Inc. is a leading global expert firm for organizations facing crisis and transformation, with more than 8,100 employees located in 32 countries and territories as of December 31, 2025. In certain jurisdictions, FTI Consulting’s services are provided through distinct legal entities that are separately capitalized and independently managed. The Company generated $3.80 billion in revenues during fiscal year 2025. More information can be found at www.fticonsulting.com.

FTI Consulting, Inc.
555 12^th Street NW
Washington, DC 20004
+1.202.312.9100

Investor Contact:
Mollie Hawkes
+1.617.747.1791
mollie.hawkes@fticonsulting.com

Media Contact:
Nick Emmons
+1.617.510.1676
nick.emmons@fticonsulting.com

FAQ

What did FTI Consulting (FCN) find about cyber incidents during M&A on March 17, 2026?

Nearly 1 in 4 executives experienced a cyber incident during or shortly after a transaction. According to FTI Consulting, the survey found 42% saw significant deal value reduction and 58% saw impaired financial targets.

How often do cyber incidents delay or pause M&A deals according to FTI Consulting (FCN)?

About 20% of deals were delayed or paused due to cyber incidents. According to FTI Consulting, that finding comes from a survey of 278 senior leaders conducted August 12–26, 2025.

What does the CISO Redefined III report say about CISO involvement in transactions for FCN investors?

One third of CISOs are not heavily involved in transaction decisions, and ~33% lack clear authority to stop risky deals. According to FTI Consulting, this gap increases exposure during and after integration.

How many executives proactively manage cybersecurity risks post-close, per FTI Consulting (FCN)?

Only 23% of executives said they manage cybersecurity risks proactively after closing a deal. According to FTI Consulting, this decline in vigilance coincides with when attacks often occur.

What collaboration gaps did FTI Consulting (FCN) identify between cybersecurity and deal teams?

Only 17% of CISOs reported significant collaboration increase during transactions, while 34% of general counsel reported increased collaboration. According to FTI Consulting, this shows a notable coordination disconnect.