Investment bankers and private equity are often called out for predatory practices. While they might create some fast profits, they do very little to advance the development of an industry or a sector.
Spinning off the discrete operations of a particular business and listing it on the stock exchange or buying a company cheap and fattening it up for a sale or float are time-honored practices that have created wealth for investors, but – in the long run – questionable industry value.
There is, however, a productive role that this financial expertise can be deployed in nascent technology industries where small companies struggle for scale. It can also focus on endpoint solutions that struggle to fit into the procurement practices of the larger organizations they target.
Playing with the big boys
A frequent complaint, from all sides, in Australia’s emerging RegTech sector, is that startups need to cooperate or even merge to deliver value to larger clients.
Compliance executives at large financial services companies live in a state of siege from continual pitching from small startups. While many of them might have excellent ideas, their lack of scale and technological maturity can make it complicated for their solutions to be integrated.
One common approach has always been for the large technology companies to buy up smaller ones, including their intellectual property and solutions in their own market offering. But a recent private equity deal in Australia shows that there could be another way.
The creation of CyberCX offers another way to create full-service behemoth from smaller startups.
After a year or more of negotiation with the owners and founders of the 12 companies, CyberCX has emerged as a 400-headcount consulting firm with an end-to-end approach and the goal of taking on the major global players in the Australian market.
Headed by industry veteran John Paitaridis as chief executive, the idea for CyberCX was to create a full-service provider which can deliver services and advice across risk and compliance, assurance, integration, forensics, and education.
In a major coup, the company also recruited the former head of the Australian Cyber Security Centre (ACSC), Alastair MacGibbon, as its chief strategy officer.
It provides a strong Government and Defense sector connection for the company, as one of the firms involved in the deal was Trusted Security Services, a startup established in 2011 by former officers from the Australian Government’s Signals Directorate.
These two high-level executive appointments give the company strong industry credibility and reassure the market that the company is not merely a large roll-up, lacking in leadership and focus.
The superbrand effect
One of the significant issues in the cybersecurity space in Australia has been a lack of expertise and talent just as threats have become more frequent and sophisticated.
CyberCX offers a critical mass of expertise and a local “superbrand” that will be critical for IoT security.
The creation of CyberCX delivers a critical mass of expertise and a local “superbrand” in a market where organizations, if they sourced locally, would previously deal with multiple entities – an added complication in an area that is becoming increasingly urgent. The advent of the IoT is about to make it even more critical.
The CyberCX footprint currently comprises 25 offices in every mainland capital of Australia, except Darwin, and combined revenues are at AUD 100 million.
Right now, CyberCX estimates the Australian cybersecurity market is valued at AUD 4.1 billion, part of a global industry which is anticipating compound annual growth of 11% out to 2025.
A local challenger emerges
Up until now, Australia's cybersecurity industry has been dominated by multinationals or onshore companies such as telco Optus which is owned by SingTel. Customers now have the option of a homegrown alternative that combines the best and brightest in the local industry, under-recognized leadership.
The new business model might work effectively in other emerging technology areas.
CyberCX is, of course, untested as a new entity. The announcement of the deal was only made in the last months of 2019, so 2020 is a big year for proving the new whole is bigger and better than the sum of the smaller parts.
More importantly, the CyberCX example provides a model that might work effectively in other emerging technology areas, such as fintech and, more particularly, RegTech, which is newer and less mature.
Private equity has always had a big focus on technology companies. A lot of wealth has been created from buying small companies, nurturing them, and then packaging them for sale.
If CyberCX works, it will not only make significant returns for the BGH Capital investors but leave behind a meaningful company that will help Australia's cybersecurity fight and make a contribution to the local technology industry.
Photo credit: iStockphoto/Ong-ad Nuseewor