Technology, Cybersecurity, and Privacy Risk Assurance and Advisory

Transaction advisory and portfolio company risk management

We provide pre-deal, post-deal, and ongoing monitoring to help investors manage the cyber risks of their portfolio companies, negotiate better deals, and preserve their investment value.

Our expertise


Through the lift of the investment, we help clients assess, monitor, and uplift the cybersecurity programs of their private equity sponsor clients. This allows cybersecurity to continue to be an asset to the investment team, as opposed to a liability.

Technology Risk

Through a focus on business continuity and business impact, our team helps investment and operating professionals ascertain key risk to business interruption and help the portfolio companies prioritize resiliency as part of their core technology roadmap.


As jurisdictions globally continue to focus on the rights of individuals pertaining to personal data, we can help investment and operating professionals execute privacy by design at their portfolio companies as part of their operational improvement roadmap.

1 of
abstract black and white looking up at bridge rails

Pre-Deal Due Diligence

Technology, cyber, and privacy risk can make a huge difference in the successful execution of an investment thesis. With our industry leading due diligence efforts, we will evaluate the investment targets, technology readiness to execute on a business plan, the quality and efficacy of the cybersecurity program, and the execution and maintenance of privacy compliance in line with your obligations. The report will include detailed information pertinent to the investment thesis with an investment professional quality summarization.

black and white looking up at side of building

Transition Management

Once we have completed diligence on a target, there will be time sensitive initiatives to be completed within the first 100 days. We will assist with the roadmapping, prioritization, and execution of their key deliverables.

abstract black and white architectural lines and shadows

Portfolio Oversight

Through our PortCo Defend offering we are able to provide an inherent risk weighted minimum standard for portfolio companies to adhere to.


Program Assurance and Advisory

Aponix Protect helps firms address evolving cyber risks and threats to ensure that their cybersecurity needs are covered year-round. This solution is available in three tiers, each one designed to provide firms with a flexible, robust, responsive, and cost-effective cybersecurity program.

Latest Insights

abstract blue shapes connected by dots of light

The Department of Homeland Security Requires Pipeline Operators to Set Cybersecurity Safeguards

The U.S. TSA and DHS have issued a directive to operators of fuel and gas pipelines that requires them to improve their cybersecurity defenses.

Cyber Alert
  • Cybersecurity
  • Portfolio Company Risk Management
abstract blue shapes connected by dots of light

Ransomware Attack Shuts Down Major Fuel Pipeline; PE Firms Advised To Enhance Protections   

A ransomware attack has led to the shutdown of the Colonial Pipeline, the largest fuel pipeline in the U.S. The Colonial Gas pipeline supplies gasoline, jet fuel, and other products to the eastern and southern U.S., providing 45% of the East Coast supply of fuel.

Cyber Alert
  • Cybersecurity
  • Portfolio Company Risk Management
AdobeStock_317630718 1200x900.jpeg

Sneak Peek: ACA Spring Conference Aponix® Session Previews

ACA’s virtual spring conference is right around the corner. We encourage ACA Aponix clients to attend the sessions below or to invite other members of their teams to join in. Here’s a sneak peek at what you can expect and what you can expect to take away.

  • Cybersecurity
  • Portfolio Company Risk Management
  • Events

Gas Pipeline Suffers Ransomware Attack

On February 18, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) issued an alert detailing a ransomware attack suffered by a natural gas compression facility. The ransomware attack led to a two-day controlled shutdown of operations, causing significant loss of productivity and revenue.

Cyber Alert
  • Cybersecurity
  • Portfolio Company Risk Management
Compliance Alert

ACA Aponix Named Due Diligence Firm of the Year at the 12th Annual International M&A Awards

ACA is proud to announce that ACA Aponix was named the Due Diligence Firm of the year at the 12th Annual International M&A Awards. The awards were announced at a Virtual Awards Gala celebration on Thursday, January 21st, 2021.

  • ACA News
  • Portfolio Company Risk Management
portco defend Blog - 980x550_5.png

Introducing the PortCo Defend™ Portfolio Risk Management Solution

We’re excited to announce ACA Aponix®'s Portfolio Company Risk Management and Monitoring solution, PortCo Defend™, a cybersecurity program and dashboard designed to help private equity firms assess and centrally monitor security threats and risks for their investment portfolio companies (PortCos).

  • Cybersecurity
  • Portfolio Company Risk Management

Upcoming events

Money Laundering Reporting Officer: The Role and Responsibilities - 30 November 2021

The role of the Money Laundering Reporting Officer (MLRO) is a mandatory position in all firms in the Financial Services Industry. This reflects the statutory objective that the Regulator(s) have for ensuring that firms behave with “Integrity”, particularly relating to financial crime prevention. The MLRO therefore plays a significant role in assisting Senior management to ensure that systems and controls relating to anti-money laundering (AML) and countering the risk of terrorist financing (CTF) are appropriate and effective. This course provides practical advice and guidance on the responsibilities of the MLRO, what is expected by the Regulators, both of the Senior Management and the MLRO, and how those responsibilities can be achieved. It should be noted that attendance at this course does assume a good knowledge of the UK’s AML/CTF regulations.

Online Training

Get Your Cyber House in Order

Our speakers will discuss how to tailor your spending and prioritize your budget to meet the needs of your firm and regulatory requirements.


Senior Management Obligations under the SM&CR - 1 December 2021

The ever-increasing focus by the Regulators on the accountability of senior management, particularly when things go wrong, emphasises how important it is for individuals in senior positions to have a clear understanding of what is expected of them. This succinct course is designed to assist Senior Managers to have a full understanding of what they need to do to achieve compliance with the rules under the obligations created by the Senior Managers and Certification Regime (SMCR).

Online Training