Rising Stars 2020: The ambitious MSSP
Bullish MSSP Adarma - one of six firms highlighted in CRN's Rising Stars 2020 report - is plotting international expansion under new private equity backer Livingbridge. MD David Calder opens up on the Edinburgh-based outfit's growth plans
This Q&A appears in CRN's 2020 Rising Stars report, which highlights some of the most dynamic, profitable and fastest-growing resellers, MSPs and consultancies featured in CRN's recently released VAR 350.
The full Rising Stars report can be viewed here (brief registration process required)
Firm: Adarma
Founded: 2009
Key vendors: Splunk, ServiceNow, Tenable, Crowdstrike
VAR 350 ranking: 130
Revenue: £32.6m (+24%)
Net profit margin: 10%
What would you attribute your growth and profitability to?
I think our secret is being really close to our customers. I've worked for a raft of different banks as head of security, so I understand their pain points quite well. My background, and that of a lot of the management team, is walking in our customers' shoes, having held those roles.
Another massive difference is that we are not primarily a VAR. We do resell licences and subscriptions, but only for technology in which we are truly expert, and just as an enabler for us to get really close to those vendors to drive that expertise. The software component of our revenue is around 10 per cent, and the rest of it is professional and managed services. That helps drive up that margin.
Private equity house Livingbridge is aiming to build a cybersecurity business "of real scale" after backing your MBO from Scottish IT services business ECS in June 2019. What is the plan?
We are very focused on internationalisation. We don't want to change the business model of being very close to customers, but our plan is to establish a footprint in Europe and the US over the next 12 to 24 months. We also want to continue to scale up in terms of our managed security services. We do three types of managed service: wholly onsite; on our own site in Edinburgh (we have a multi-tenant SOC there with about 15 customers in it); and a hybrid between engineer on-site and using the SOC for volume. Scaling that investment is really important for us.
Under ECS, your business grew from £1.4m to £32m revenue. Why was it the right time to pursue a private equity-backed MBO last year, and why Livingbridge?
We were sharing group resources and were like the grown-up child who consumes the contents of the fridge. So I agreed a strategy with them to look for alternative investment. I looked at trade but it was just too early in our journey to realise the opportunity we had.
We must have met with 20 private equity companies as part of the journey. I met Livingbridge fairly early on, and was really struck by its approach to investments. ECS had been a bit of an incubator for us and helped us understand how to sell, how to run finance and so on, so I saw [Livingbridge] as a natural continuation of that into a bigger scale. They have X number of CMOs and X number of other experts in their growth acceleration team that we had access to. Private equity seemed a natural fit for us and when going through the due diligence I learned a huge amount about both my own business - because you've got all these experts applying different lenses and asking all these questions - and myself as well.
How will successful cybersecurity providers need to reshape their businesses in the 2020s?
Fortunately for us, I came from building SOCs on the customer side, as did a lot of my colleagues. We also had a lot of experience of outsourcing them as well, so we had frustrations about SOC 1.0 when it was outsourced. The worst experience I had was phoning a large MSSP when we had an issue and saying ‘hello it's David Calder from X organisation', and they said ‘what's that'? They didn't even know the company name.
So we've been focused on whatever we built we would want to consume ourselves. Our intention was never to build a call centre where you raise a ticket and someone might get back to you after a four-hour SLA with a carefully crafted report or message. Our customers each have their own instances of Splunk, so they can see the events coming in, the alerts being created, the tickets being cut, the analysts typing. I think that's a move the industry as a whole will need to make.