Investment intelligence for cybersecurity transactions

Cybersecurity investments fail for reasons most diligence never uncovers.

SME is an investment intelligence platform for cybersecurity transactions. We help private equity and venture investors make better decisions, before the LOI and through the hold, with the judgment of operators who have built, scaled, and exited in this sector.

What we do

We help private equity and venture investors make better cybersecurity investments.

Why we are different

We evaluate companies like operators, not consultants.

Why it matters

The biggest investment risks are operational, not financial.

Why trust us

We have built, scaled, and exited cybersecurity companies. Real operating and transaction experience.

Carlyle
Led the sale of ICSynergy International to The Carlyle Group (2021).
Global M&A
Headed worldwide M&A at iC Consult, a Carlyle-backed cybersecurity services advisory.
500+
Delivery leadership and partner management behind 500+ IAM projects across IGA, AM, PAM, and Managed Services.
30+ yrs
Founder and operator experience across cybersecurity, identity, and telecom.

Why deals miss

Why cybersecurity investments miss their targets.

Five risks decide whether a cyber investment delivers, and each is an execution question that financial diligence rarely surfaces.

Category risk

The product is strong, but the market category is shifting underneath it.

Go-to-market risk

Revenue depends on founder relationships, not a repeatable GTM engine.

Operator risk

Services margins look healthy, but delivery does not scale.

Leadership risk

The leadership team cannot execute the plan being underwritten.

Integration risk

Integration costs more than the model assumes.

See the nine specific risks we look for →


Where we sit

Three questions decide a cyber deal. We answer all three.

Most advisors answer one. The deals that create enterprise value, and the ones that destroy it, turn on all three at once.

Traditional diligence

“Is this company healthy?”

Financials, legal, and compliance. Essential, but it tells you where a company has been, not where it can go.

Operator diligence

“Can this company scale?”

Product maturity, go-to-market, leadership, and integration. The questions you can only answer if you have run the playbook yourself.

Investor diligence

“Will this create enterprise value?”

Thesis, value-creation levers, and the path to exit, tying the operating reality to the return.

SME sits exactly at that intersection: operator judgment most diligence teams do not have, applied to the investor question of whether the deal actually makes money.


Why SME

Operators on your side of the deal, not generalists.

Most cyber diligence is run by analysts who have never carried a number, shipped a product, or integrated an acquisition. We have.

Every principal has founded or led a cybersecurity or identity business, owned a P&L, and lived through the transactions that follow. We have sold a company to a global private-equity leader, headed up Global M&A at iC Consult, a Carlyle Group company, and built and scaled professional services organizations at Okta, Tealium, and beyond.

That means we read a target the way an operator does: where the product really sits, whether the go-to-market actually scales, what integration will cost, and where the value is hiding. Pattern recognition you can only get from having done it.

Why we built SME →


Our edge

We know identity. And we know private equity.

Most diligence firms know finance. Most security consultants know technology. Almost no one combines deep identity and cybersecurity expertise with category creation, go-to-market, M&A, and how a sponsor actually creates value. That combination is the edge, and it is exactly what a cyber or identity deal turns on.

Identity and security depth

We have built and run businesses in this market, not just studied it. IAM, PAM, and Zero Trust, identity governance, and the platforms your targets are built on.

IAM PAM Zero Trust Identity governance Cyber market strategy

Operator and investor lens

We have created categories, scaled go-to-market, run M&A, led at the executive level, and lived a private-equity exit. We read a target the way the people running it, and the people buying it, both do.

Category creation Go-to-market M&A Executive leadership Private equity

When a deal lives or dies on identity, you want both in the same room.


The platform

An investment intelligence platform, not a consulting firm.

Traditional advisors sell hours. We sell better investment decisions. SME brings operator judgment and sector intelligence to every stage of a cybersecurity transaction, from the first read on a target through value creation and the next thesis.

The platform spans the full transaction lifecycle, delivered through scoped engagements. Some capabilities are delivered today; others are expanding as the platform grows.

Decide · pre-deal intelligence

Operator diligence

An operator's read on whether a target can actually scale, where the value is, and what integration will cost.

Executive assessments

Whether the leadership team can deliver the plan being underwritten, and where the gaps are.

Market maps

Where a cyber or identity category is heading, who really wins, and where the white space is.

GTM diagnostics

Whether the commercial engine is built to scale, or resting on heroics and a few relationships.

Create · post-close value

Portfolio value creation

Turning the investment thesis into operating reality after close, tied to measurable milestones.

Board advisory

Operator judgment in the boardroom through the hold, keeping the plan honest as conditions change.

Foresight · forward intelligence

AI & quantum cybersecurity perspectives

Where the market is moving next, including post-quantum and AI, and what it means for value and risk.

Research subscriptions

Ongoing intelligence on the cyber and identity transaction landscape, for investors who want a standing edge.


The bench

You are not hiring one advisor. You are hiring a bench.

A specialist operating platform with decades building, running, and exiting cybersecurity and identity businesses, including a founder-led exit to The Carlyle Group, and deep delivery inside the identity platforms your targets are built on.

Mike Thompson
Mike Thompson
Founder & Managing Partner

Built and sold ICSynergy to The Carlyle Group, then headed Global M&A at iC Consult, a Carlyle company. 30+ years across cyber, identity, and telecom.

Dr. Shaibal Chakrabarty
Dr. Shaibal Chakrabarty
Partner & CTO

Ph.D. in cybersecurity. Led enterprise security architecture and FFIEC compliance at Silicon Valley Bank and ran managed security with full P&L at AT&T.

Erin Tiedeman
Erin Tiedeman
Partner & COO

Scaled professional services and customer success at Okta and Tealium, with delivery leadership behind 500+ IAM projects across IGA, AM, PAM, and Managed Services.

Operating and leadership experience across
Okta iC Consult · Carlyle Tealium Cisco AT&T Silicon Valley Bank BMC Software Nortel ICSynergy → Carlyle exit
Identity ecosystem depth
SailPoint CyberArk Okta Saviynt Microsoft Entra

Meet the full team →


How we engage

How we plug into the deal lifecycle.

Scoped engagements with a clear deliverable, built for the speed of a live process.

Pre-deal

Know the real risks before you commit.

An operator's read on a cyber or identity target: product maturity and defensibility, go-to-market scalability, competitive position, customer concentration, and technical debt. We pressure-test the thesis while the findings can still change the price or the decision.

When: evaluating a target, on IC timelines.
Post-close

Accelerate revenue growth after close.

Sector-specific value creation for cybersecurity and identity portfolio companies: positioning, product roadmap, packaging, and competitive differentiation, tied to the investment thesis and the value-creation plan.

When: sharpening a cyber or identity portfolio company.
Sourcing & integration

Find the targets competitors overlook.

Thesis-driven target identification, market mapping, and bolt-on sourcing, then post-merger integration that protects enterprise value through the first 180 days and captures the synergy across technology, leadership, and operations.

When: building a platform or executing a roll-up.
Fractional leadership

Close the leadership gap, fast.

Fractional CISO, CTO, and COO firepower for portfolio companies that need senior cyber and operating muscle without a full-time hire, including board-ready reporting that keeps the thesis on track.

When: a portfolio company has a leadership gap.

See the full services framework →


Track record

What it looks like when it works.

Anchor engagement

ICSynergy International → The Carlyle Group

Built ICSynergy into a top-tier identity and access management advisory firm, then led the process that ended in its acquisition by The Carlyle Group in 2021. Operator-led growth, positioned and sold to one of the world's leading private-equity investors.

2021
Acquisition by Carlyle
IAM
Pure-play specialization
Founder-led
Built and exited
Who we work with

Built for investors in the cyber and identity sector.

Private equity

Platform and bolt-on diligence, value-creation planning, and integration for control investors building in cybersecurity and identity.

Growth & venture

A technical and commercial read on earlier-stage cyber companies, plus GTM and scaling support for portfolio founders.

Investment banking

Sector expertise and operator perspective to support sell-side positioning and buy-side target assessment.

Strategic delivery partners

You engage SME. We bring the right bench.

Where a mandate needs commercial execution beyond cyber-sector diligence, we bring in strategic partners like GSCE, our joint practice with Fortis Innovators. One relationship, the right specialists behind it.

GSCE Partners →
Considering a cyber investment?

Get an operator's read before the LOI.

The earlier we look, before LOI, before signing, the more the findings can still change the price, the terms, or the decision. We work with a select group of sponsors. If the situation fits, a short conversation tells us both.