May 26, 2020
Interviewed by: David Snow
Video Clip
Login to view full video

Cyber Hygiene: Important in Due Diligence and as a Business Model

An interview with Richard Lawson, founder of HGGC, and David Van Wert of RSM about the rising importance of IT security in the protection and growth of middle-market value.

An interview with Richard Lawson, founder of HGGC, and David Van Wert of RSM about the rising importance of IT security in the protection and growth of middle-market value.

PRIVCAP TRANSCRIPT

“Cyber Hygiene: Important in Due Diligence and as a Business Model”

Privcap: Data security has been very much in the headlines the past several years. Can you talk about what you believe will be the most interesting investment opportunities around cybersecurity and data security?

Richard Lawson, HGGC: Cybersecurity has obviously been an ever-increasing issue, not only in terms of businesses that can serve as a target, but also in the type of diligence that we do. So, what has been fascinating is that five to seven years ago, we thought very differently about compliance and technical diligence, about bringing in third parties to do cybersecurity audits on our own portfolio companies, or prospective companies. Then, on the other side, the opportunity in security is very interesting as well. You have just a whole host of businesses in that security space that are sponsor-owned, or that are public, that have grown and become very successful and very needed. There are Okta, QualiCES, SalePoint, Symantecs, Proofpoint. What you’re also seeing is quite a bit of consolidation.

David Van Wert, RSM: It used to be that everyone was reactive, and this was all very new. Now, it’s known that there are hackers out there that are going to try to get into your environment. And the question is, how do you respond? We’re seeing a lot of focus on assessing the data, training your people. There’s been a boom in cybersecurity insurance. From an RSM standpoint, cybersecurity has been one of the fastest growing forms of due diligence. Understanding what the risks are going in, with eyes wide open, has become part of the deal thesis.

Privcap: If you buy a company with poor cyber hygiene, so to speak, I would imagine that elevates the risk of value destruction.

Lawson: Yes, it absolutely can. When you’re buying traditionally on-prem software companies, those are different from SaaS businesses. One might argue that it would be harder to acquire a SaaS business. I think it’s the other way around. The holes in are just less than they would be if you were buying a big organization with multiple touch points.

Register now to watch this video and access all content.

It's FREE!

  • CHOOSE YOUR NEWSLETTERS:
  • I agree to the Privcap terms of use and privacy policy
  • Already a subscriber? Sign In

  • This field is for validation purposes and should be left unchanged.