For the fourth time this month, an MDR (managed detection and response) company has been involved in a security business spin-off. This time, the news involves CriticalStart -- a Top 250 MSSP and Top 40 MDR security provider -- spinning off CyberOne, a value-added reseller (VAR) that generates more than $100 million in annual revenue. Financial terms of the spin-off were not disclosed.
CyberOne’s security solutions will consist of consulting and professional services, which include Red Team services from the TeamARES specialized group. The VAR will also expand vendor relationships across North America, CyberOne indicated.
CyberOne Executive Leadership Perspectives
In a prepared statement, CyberOne President Ric Hughey said:
“Cybersecurity needs of our customers are always evolving, so the ability to work with customers and vendors beyond the Texas, Oklahoma, Louisiana and Arkansas region is the natural next step. We’re thrilled to be able to bring even more value to customers as a trusted advisor, and meet their needs, no matter where they are.”
Added Tera Davis, managing director at CyberOne:
“We are excited to be able to provide value to customers nationally. We look forward to expanding relationships with our strategic vendors as well. This has been a long-standing request from those vendors, and we’re happy to see that coming to fruition.”
Read between the lines and it sounds like CyberOne will have more flexibility as an independent VAR -- apparently free from CriticalStart's specific MDR platform choices. On the flip side, it's a reasonable bet that CriticalStart's financial engine now includes a larger percentage of monthly recurring revenue (MRR), which typically generates a higher business valuation than product resale.
MSSP, MDR and Security VAR Spin-Outs
Although M&A activity among MSSPs remains strong, the opposite trend also has accelerated. Indeed, multiple businesses have spun-off their MSSP and cybersecurity organizations. Sometimes, the move is designed to unlock shareholder value. Other times, the spin-out is designed to increase the MSSP or cybersecurity company’s pure-play focus on a particular market niche or opportunity.
Key industry moves include:
- November 2021: NXTsoft spun out its ThreatAdvice division as a standalone MSSP.
- November 2021: Booz Allen Hamilton spun off the SnapAttack threat hunting & detection company, backed by Volition Capital & Strategic Cyber Ventures.
- November 2021: TorchLight, an MSSP spin-off from IT consulting firm Intrinium, launched a ransomware detection architecture (RDA) & MDR cybersecurity services.
- June 2021: RSA Security spun off its Fraud & Risk Intelligence business into a standalone company called Outseer.
- January 20219: Exigent Technologies launched Partners in Regulatory Compliance (PIRC), a consulting firm that specializes in risk management & cybersecurity services.