SME is an investment intelligence platform for cybersecurity transactions. We help private equity and venture investors make better decisions, before the LOI and through the hold, with the judgment of operators who have built, scaled, and exited in this sector.
We help private equity and venture investors make better cybersecurity investments.
We evaluate companies like operators, not consultants.
The biggest investment risks are operational, not financial.
We have built, scaled, and exited cybersecurity companies. Real operating and transaction experience.
Five risks decide whether a cyber investment delivers, and each is an execution question that financial diligence rarely surfaces.
The product is strong, but the market category is shifting underneath it.
Revenue depends on founder relationships, not a repeatable GTM engine.
Services margins look healthy, but delivery does not scale.
The leadership team cannot execute the plan being underwritten.
Integration costs more than the model assumes.
Most advisors answer one. The deals that create enterprise value, and the ones that destroy it, turn on all three at once.
“Is this company healthy?”
Financials, legal, and compliance. Essential, but it tells you where a company has been, not where it can go.
“Can this company scale?”
Product maturity, go-to-market, leadership, and integration. The questions you can only answer if you have run the playbook yourself.
“Will this create enterprise value?”
Thesis, value-creation levers, and the path to exit, tying the operating reality to the return.
SME sits exactly at that intersection: operator judgment most diligence teams do not have, applied to the investor question of whether the deal actually makes money.
Most cyber diligence is run by analysts who have never carried a number, shipped a product, or integrated an acquisition. We have.
Every principal has founded or led a cybersecurity or identity business, owned a P&L, and lived through the transactions that follow. We have sold a company to a global private-equity leader, headed up Global M&A at iC Consult, a Carlyle Group company, and built and scaled professional services organizations at Okta, Tealium, and beyond.
That means we read a target the way an operator does: where the product really sits, whether the go-to-market actually scales, what integration will cost, and where the value is hiding. Pattern recognition you can only get from having done it.
Most diligence firms know finance. Most security consultants know technology. Almost no one combines deep identity and cybersecurity expertise with category creation, go-to-market, M&A, and how a sponsor actually creates value. That combination is the edge, and it is exactly what a cyber or identity deal turns on.
We have built and run businesses in this market, not just studied it. IAM, PAM, and Zero Trust, identity governance, and the platforms your targets are built on.
We have created categories, scaled go-to-market, run M&A, led at the executive level, and lived a private-equity exit. We read a target the way the people running it, and the people buying it, both do.
When a deal lives or dies on identity, you want both in the same room.
Traditional advisors sell hours. We sell better investment decisions. SME brings operator judgment and sector intelligence to every stage of a cybersecurity transaction, from the first read on a target through value creation and the next thesis.
The platform spans the full transaction lifecycle, delivered through scoped engagements. Some capabilities are delivered today; others are expanding as the platform grows.
An operator's read on whether a target can actually scale, where the value is, and what integration will cost.
Whether the leadership team can deliver the plan being underwritten, and where the gaps are.
Where a cyber or identity category is heading, who really wins, and where the white space is.
Whether the commercial engine is built to scale, or resting on heroics and a few relationships.
Turning the investment thesis into operating reality after close, tied to measurable milestones.
Operator judgment in the boardroom through the hold, keeping the plan honest as conditions change.
Where the market is moving next, including post-quantum and AI, and what it means for value and risk.
Ongoing intelligence on the cyber and identity transaction landscape, for investors who want a standing edge.
A specialist operating platform with decades building, running, and exiting cybersecurity and identity businesses, including a founder-led exit to The Carlyle Group, and deep delivery inside the identity platforms your targets are built on.
Built and sold ICSynergy to The Carlyle Group, then headed Global M&A at iC Consult, a Carlyle company. 30+ years across cyber, identity, and telecom.
Ph.D. in cybersecurity. Led enterprise security architecture and FFIEC compliance at Silicon Valley Bank and ran managed security with full P&L at AT&T.
Scaled professional services and customer success at Okta and Tealium, with delivery leadership behind 500+ IAM projects across IGA, AM, PAM, and Managed Services.
Scoped engagements with a clear deliverable, built for the speed of a live process.
An operator's read on a cyber or identity target: product maturity and defensibility, go-to-market scalability, competitive position, customer concentration, and technical debt. We pressure-test the thesis while the findings can still change the price or the decision.
Sector-specific value creation for cybersecurity and identity portfolio companies: positioning, product roadmap, packaging, and competitive differentiation, tied to the investment thesis and the value-creation plan.
Thesis-driven target identification, market mapping, and bolt-on sourcing, then post-merger integration that protects enterprise value through the first 180 days and captures the synergy across technology, leadership, and operations.
Fractional CISO, CTO, and COO firepower for portfolio companies that need senior cyber and operating muscle without a full-time hire, including board-ready reporting that keeps the thesis on track.
Built ICSynergy into a top-tier identity and access management advisory firm, then led the process that ended in its acquisition by The Carlyle Group in 2021. Operator-led growth, positioned and sold to one of the world's leading private-equity investors.
Platform and bolt-on diligence, value-creation planning, and integration for control investors building in cybersecurity and identity.
A technical and commercial read on earlier-stage cyber companies, plus GTM and scaling support for portfolio founders.
Sector expertise and operator perspective to support sell-side positioning and buy-side target assessment.
Where a mandate needs commercial execution beyond cyber-sector diligence, we bring in strategic partners like GSCE, our joint practice with Fortis Innovators. One relationship, the right specialists behind it.
The earlier we look, before LOI, before signing, the more the findings can still change the price, the terms, or the decision. We work with a select group of sponsors. If the situation fits, a short conversation tells us both.
