01
Identity-Stack Sprawl
What the 2024 Snowflake customer-leak cluster and identity-driven cases teach about typical SaaS acquisition targets — and which DD questions must be asked before LOI.
DD implication · EV impact 5–12% typical
FREE WEBINAR · 08 JULY 2026
Cyber Due Diligence in M&A — what investment teams must check in 2026.
Market data · 3 cyber patterns · 5-business-day methodology
Global M&A volume jumped to USD 4.7 trillion in 2025 — up 43% year-over-year. Nearly a quarter sits in tech targets. That changes what cyber due diligence must look like — and how fast it must deliver. This 60-minute webinar synthesises the McKinsey 2026 numbers, three recurring cyber patterns, and a concrete 5-business-day methodology for DACH investment teams.
What you take away
Three cyber patterns, three cases, one DD framework.
Each pattern is analysed against publicly documented breach cases 2024–2026 and translated into the negotiation mechanics of SPA, R&W insurance and post-close remediation.
02
Vendor Concentration Risk
How the 2024 Change Healthcare cluster redefined single-vendor dependencies in tech stacks — and which R&W underwriter responses to expect on DACH tech deals.
Underwriter response · Escrow 2–5% EV typical
03
Supply-Chain Exposure
MOVEit, 3CX, XZ Utils — how recurring supply-chain cases tighten Software Bill of Materials requirements in the pre-close phase, with implications for DD scoping.
Material risk · Walkaway or SPA restructure
All cases discussed are publicly documented. The analytical synthesis ties them to current threat intelligence (BSI Lagebericht, ENISA Threat Landscape, Verizon DBIR 2026) and to McKinsey's 2026 M&A trends.
Agenda
60 minutes. Focused. With live Q&A.
The detailed agenda is shared in the confirmation email before the session. Planned sections:
01Market context 2026: what McKinsey's USD 4.7 trillion market means for cyber DD
02Three cyber patterns in tech M&A — concrete cases and EV-impact ranges
03Live walkthrough: 5-business-day cyber DD on a typical SaaS target
04Post-close levers: how Compliance Sprint and vCISO hold posture across the hold period
05Q&A — confidential, off-record, not recorded
FH
Speaker
Fabian „Fabe“ Hausner
Founder, Woodlands Advisory GmbH
SAP Global Security Advisory Lead
- Enterprise security architecture and post-acquisition cyber integration at SAP — including the Signavio acquisition context
- Daily threat-intelligence responsibility as SAP Global Security Advisory Lead
- Practice focus: cyber due diligence, ISO 27001 / NIS2 / DORA audit readiness, vCISO mandates for DACH mid-market
- Founder Fabe Capital GmbH · Heidelberg
Format & logistics
60 minutes. Confidential. Not recorded.
- Duration
- 60 min45 min keynote · 15 min Q&A
- Platform
- Google MeetJoining link via email
- Confidentiality
- Off-recordNot recorded · no re-sharing
- Access
- By registrationBusiness email · confirmation in 24h
Request a seat
Request a seat.
Attendance is limited to verified investment and M&A decision-makers. We confirm requests within 24 hours with the Google Meet joining link.
Who should attend
- PE Operating Partners & Investment Directors
- VC Lead Partners & portfolio-support teams
- Family Office CIOs & investment directors
- M&A Advisory Partners & Managing Directors
- Portfolio CFOs of active holdings
- Corporate M&A leads (strategic buyers)
What we verify
- Business email domain (no Gmail/Yahoo/Web.de)
- Role plausibility via LinkedIn
- Sector alignment with DACH tech investments
What's available after the briefing
From briefing to execution.
- Velocity M&A Audit
- 5 business daysFixed price · pre-LOI to closing
- Compliance Sprint
- 4 weeksISO 27001 · NIS2 · DORA
- vCISO Mandate
- from €4,500/monthStrategic leadership across the hold period
- Discovery call
- 30 minConfidential · no obligation