The middle market is often underserved by firms with strong cybersecurity capabilities, in spite of such threats being widely considered one of the biggest risks to their business. Earlier this month, Audit and Tax consulting firm RSM joined forces with security and privacy firm SecureState. The acquisition will bring more than 50 additional employees to RSM’s team and expand its presence in the Ohio market. It also bolsters the firm’s growing security and privacy practice in everything from compliance and risk awareness to incidents and breaches. The combined forces of SecureState and RSM will add new depth of knowledge and expertise to serve that middle market segment. Consulting recently caught up with Ken Stasiak, founder of SecureState who is joining RSM as a Principal.
Consulting: How did the SecureState acquisition come to be?
Stasiak: At SecureState we’ve gone through and continuously evaluated where the market is at from a cybersecurity perspective. Over the years we’ve talked to many firms about the opportunity of an M&A or acquisition. We really started to heat up the conversation early last year when we got formally introduced to RSM. We were looking at a number of different firms but really just from the first meeting with RSM saw the synergies of the two organizations, the alignments, and really where we can all benefit and get to the next level. That’s why we decided to move forward with RSM and have really been very happy. You always think it’s going to go really well and everything looks good, but it’s actually going even better than we thought.
Consulting: What made RSM a good fit as an acquirer for SecureState, the company you founded?
Stasiak: It wasn’t an easy decision, it wasn’t one of those where we were looking to sell. I think that’s probably a key differentiator. We were doing very well, we were profitable and growing. The number one thing was is this a good acquisition for the employees, does it give them a better career path, does it give them better opportunities that we couldn’t provide here. That was first and foremost. Second was the culture, is it going to change? We’re all located in Cleveland in a building together and it stayed the same. I think they were very receptive to our culture and our people. Another thing we looked at was growth potential, us getting into a bigger organization, increasing our footprint and really looking to expand the cybersecurity services really focused on the middle market which is a great tie-in to where RSM is.
Consulting: What capabilities will the addition of SecureState’s team and resources add to RSM?
Stasiak: RSM currently has a security privacy and risk group practice with about 90 resources in there. We’re bringing overall to that mix probably another 30-40 resources directly relating to security privacy and risk. So one would be the strength of the team. Another thing is the great geographic presence. If you look at consulting in Cleveland for RSM and Ohio and the territories around, it was an area they wanted to get further invested in. We bring that immediate geographical presence to the geographical area. In addition to looking at some of the opportunities RSM currently has in their skillset, they’re very focused on forensics, we’re not, so we have those capabilities now tying into a firm that has deep roots there. We also bring some additional services they weren’t as focused on, so overall it expands our portfolio of services we can go to our client base with. It expands our geographical footprint and adds resources across the U.S. with more than 90 offices we can tap into. In consulting people want to be able to pick up the phone, go out to lunch and have those resources available.
Consulting: What are some middle market opportunities you’re seeing around security and privacy?
Stasiak: I think when people look at or hear middle market they try to put a number around it. Here at RSM what we really look at is generally private companies, entrepreneurial in spirit, fast growing, growth-oriented, and they really want that first-choice advisor. They can pick up the phone and say I have cybersecurity issues, I have international tax issues, I have supply chain issues, can you help? That’s something RSM has done very well, and we just expanded those capabilities even further with cybersecurity, which is a sweet spot in that market. There aren’t a lot of organizations serving that market to the level it should be, and they’re definitely not bringing the portfolio of services that RSM has to that middle market, so it’s a very strong proposition.
Consulting: Why is it so underserved?
Stasiak: A lot of the firms aren’t necessarily going to bring the level of expertise that RSM can bring in different platforms. When you look at cybersecurity, it’s probably an area they had potential interest but never felt comfortable they had a trusted advisor, someone they worked with previously to address those needs and find out what options are available. A lot of times cybersecurity resources kind of go where the action is. Retail was big because of all the breaches with retail organizations, and that’s kind of moved over to healthcare, but when you look at middle market it’s kind of a blend of all of those. So they don’t get the direct, immediate attention. When you have that ability to tap into that and really expand that base I think you’re going to start to see much more involvement and engagements in middle market for cybersecurity because it’s not an added on product, it’s not a one-off, it’s an integrated solution.
Already have an account? Sign In
Already have an account? Sign In
*May exclude premium content