White paper

M&A Guide to Assess and Consolidate Domain Assets and DNS Networks

Assessing and consolidating domains and DNS providers are crucial “pre” and “post” M&A deal priorities. You are not only buying the valuable assets, you are also buying the cyber security risk.  

In this paper we discuss: 

  • How to maximize deal value and mitigate post-close risks and costs
  • The background problems: Hidden risks and network complexity
  • Pre-deal due diligence assessment and planning
  • Post-deal consolidation and integration execution
  • M&A Best Practices: A Modern Approach to Empower Teams


How due diligence teams can maximize deal value and mitigate post-close risk and cost.

There are many blogs, webinars, and how-to guides about acquiring domain assets – mostly centered on ownership rights, title, and brand protection during the M&A process. They are mainly useful to legal counsel, finance, and marketing but overlook a gaping area of risk and cost containment.

We’re talking about enterprise security and the network operations functions tasked with managing the DNS networks, mitigating risk, and managing integration costs after the deal closes.

Enterprise Value
Security Risk
Cost Containment

In this paper, we’ll discuss the known security and operations problems in acquiring domain and DNS assets, and effective ways to solve them. We’ll present a modern, best practices approach for companies active in M&A from pre-deal audit and assessment to post-deal consolidation.

Executive Summary

You are not just buying the assets – you are acquiring cyber security risk.

M&A teams face operational and IT risk when acquiring domain assets and the related DNS networks. The acquirer has a limited time frame to assume ownership of the domains and integrate them into network operations. These domains will have latent operational and security issues, unaddressed by the target company. The acquiring party does not have visibility into the true state, nor will it have any means to assess its security posture. The purchaser will be acquiring all the cyber risk and operational deficiencies associated with the target assets – and it will be largely blind.

Enterprise domain sellers don’t know what they’ve got – neither do the buyers

Few operators have an accurate inventory of their domain assets and DNS network. That’s because their domains and DNS are scattered across multiple domain registrars, DNS services, and certificate authorities. Even when companies concentrate their high value domains on a single, corporate domain registrar, they invariably have more domains managed elsewhere. Put 10-20 DNS services into the mix and it’s a safe bet that management doesn’t have an accurate picture of its own DNS network.

Ignorance is not bliss – your enterprise security is at risk

The M&A team of an acquiring company has no accurate picture of the domain assets and DNS network they are buying, nor do they typically have an easy means to complete network and security due diligence. Hundreds (or thousands) of domains across many registrars and DNS services, require diligently managed zone files and the application of DNS security settings. M&A needs to assess the state of pre-deal DNS configurations for each domain. This includes an assessment of live or missing Name Servers, DNSSEC, DMARC, SPF, CNAMEs, A Records and TLS certificates with related versions and expiry dates.

Pre-deal best practices start with knowledge

M&A teams need reliable pre-deal audit data on the domain assets and DNS network they’re acquiring. Commercially available domain audit tools are uncommon. Thankfully, some firms have developed systems and techniques to audit domains and DNS networks. Using these technologies, due diligence teams gain invaluable data during the “pre-deal” phase, providing insights into the asset value, a one-time snapshot into DNS security posture, and a checklist to execute before and after closing.

Post-deal execution leverages pre-deal audit data

Without accurate pre-deal data, M&A teams assume the risks in acquiring domain and DNS assets. Compounding the security risks are the operational issues of absorbing unknown digital assets into the acquiring company’s network operation. The buyer already has its own domain and DNS problems. Adding acquisition complexity exacerbates the problems with more registrars, DNS, and certificate authorities.

Download the full white paper to continue reading
Other white papers you may find useful
Why your Enterprise is Exposed on the DNS White paper
A CISO Brief: Why your Enterprise is Exposed on the DNS Lack of functional ownership over domain and external DNS security, combined with a lack of unified control systems to enforce DNS security policies are the top factors that expose your company and customers to external DNS vulnerabilities. Download the white paper
How to Implement and Manage DNSSEC White paper
How to Implement and Manage DNSSEC DNSSEC was the DNS industry’s response to solve an inherent vulnerability in the DNS query/answer integrity gap. Learn how to protect your brand, keep your customers and audiences safe. Download the white paper
9 TLS and DNS Risks to Enterprise Security and Compliance white paper
9 TLS and DNS Risks to Enterprise Security and Compliance Eliminate known DNS and TLS problems that put your security and compliance at risk. Multiple, known weaknesses in the internet chain of trust put enterprise data security at risk. This white paper identifies 9 issues with DNS and TLS that organizations need to understand and address to ensure data is secure and customers are protected. […] Download the white paper
By using this website you agree to our use of cookies.
Learn more