Cyber Profound acquires managed security service providers that meet a defined set of financial, operational, and cultural criteria. We do not run auctions. We do not impose integration timelines. Every acquisition begins with a private conversation.
We focus on firms with demonstrated recurring revenue, healthy margins, and a client base that reflects the firm's long-term quality. Below are the primary financial thresholds we apply.
Firms below $3M lack the operational infrastructure we require. Firms above $20M are evaluated case by case.
Managed contracts, retainers, and subscription-based services constitute the majority of revenue.
We look for firms with proven margin discipline, not growth-at-any-cost economics.
Established client relationships and operational history are prerequisites for consideration.
Absolute earnings reflect the firm's capacity to sustain operations independently under our ownership.
Retention is a proxy for service quality and relationship depth — both of which are non-negotiable.
Financial criteria are necessary but not sufficient. We also evaluate the operational characteristics that determine whether a firm can scale within our platform.
We prefer acquisitions where the founding or senior leadership team remains engaged post-close, either in an operational or advisory capacity. We do not acquire to replace management.
No single client should represent more than 30% of total revenue. Concentration risk is evaluated as part of our due diligence process.
Multi-year managed service agreements and SOW-based retainers are weighted more favorably than project-based or transactional revenue streams.
We prioritize firms operating across North America. Regional concentration is evaluated in the context of the client base and sector served.
While we evaluate firms across sectors, we have particular depth in the following sectors and weight them accordingly in our acquisition process.
Clarity matters. The following categories fall outside our current acquisition mandate. We do not evaluate them, and we decline inquiries in these areas without prejudice.
Pure technology resellers with no managed service component.
Firms with revenue below $3M or operating history under three years.
Businesses with unresolved litigation, pending regulatory action, or material customer disputes.
Firms seeking a quick close without leadership continuity.
Project-based IT firms without a recurring contract base.
Companies operating exclusively outside North America.
Every conversation is confidential. We do not share your information, reference your name in the market, or communicate with your clients or competitors at any stage.
A confidential call to understand your business, your goals, and whether there is a mutual fit.
We review financials, contracts, and operational structure under NDA. No bankers. No intermediaries.
If there is clear alignment, we issue a non-binding LOI within 30 days of preliminary review.
We close with our own capital and legal team. No financing contingencies. No extended timelines.
All conversations are confidential. We do not contact clients, employees, or competitors.