Lumifi Expands Service Offerings with Critical Insight Acquisition

Lumifi, a managed detection and response (MDR) provider, has acquired cybersecurity-as-a-service provider Critical Insight.

This marks Lumifi’s third acquisition in 13 months. It expands the company's service offerings, and strengthens its presence in the health care and critical infrastructure cybersecurity sector.

The acquisition adds to Lumifi's existing offerings, including its 24/7 security operations center (SOC), MDR and ShieldVision platform. Critical Insight's incident response capabilities complement Lumifi's threat monitoring, while its professional services expand the ability to provide tailored cybersecurity strategies.

Michael Malone, Lumifi’s CEO and founder, tells us his company’s strategy is both organic and inorganic growth.

Lumifi's Michael Malone

“We have a technology, ShieldVision, that allows you to bring your own tech,” he said. “So you could have Carbon Black, CrowdStrike, whatever at the endpoint, whatever security information and event management (SIEM) or whatever network detection and response (NDR). So since we developed that technology, consuming MDR companies that have a myriad of tech … doesn’t make a difference to us, so customer acquisition and moving them to our platform is the way we're going about it. We did not work with Critical Insight prior to this and they have a healthy install base in health care, which we feel is a very value-added space. Roughly 40% of their customer base is in health care. This is part of our strategy. We’ll do three or four more acquisitions in 2025. We actually have a list of companies we’re targeting for 2025.”

Related:Salesforce Layoffs Land at Newly Acquired Own Company

What Acquiring Critical Insight Means for Lumifi MSPs

For Lumifi’s MSP partners, the acquisition offers cybersecurity-related professional services that Lumifi doesn’t offer, Malone said.

“We’re obviously going to offer those services to our direct customers and our MSP partners,” he said. “We think it's a true value-add, and we also think it will be leads for our friends that are our MSPs. So when you do an incident response retainer or when you do an assessment, those turn into leads for those MSP partners.”

Lumifi is “marching” toward its goal of being a $100 million cybersecurity company by the end of 2026, Malone said.

“The competitive advantage for the MSP space is additional tech and additional install base, but more importantly some of those professional services that they can lay out to their customer base,” he said.

Upcoming Acquisition in Europe

Lumifi’s customer base includes North America, South America and Europe, Malone said.

Related:Netrio, Success Acquire MSP PCA Technology Group

“We see a possible acquisition in 2025 in Europe and the reason we want to do that is currently our facility in Scottsdale, Arizona, is 24/7/365 and we want to push that nighttime work over to a security operations center (SOC) in Europe, " he said. “We see that as an easy acquisition from an operational and a footprint standpoint to have a business that's 70% or more of their business is out of Europe. So we see that going that route.”

Lumifi’s acquisition targets are typically pure MDR players, with $7 million to $30 million in revenue, Malone said. They may also have a need because they're stuck with tech debt.

“In the case of Netsurion, the acquisition from May, it was older technology that needed to be replaced,” he said. “In this case, they're on a good platform, but we give them … technology that’s more updated and more flexible from an MSP perspective, so that gives us a little bit of an advantage.”

Lumifi’s Partners Generating More Revenue

Partners now generate 22% of Lumifi’s revenue, Malone said.

“We see it being roughly 50% in less than 18 months,” he said. “Given how much we're organically growing, 25% to 30%, and our acquisitions, the fact that it will be 50% is pretty incredible.”
"This acquisition creates a formidable force in the MDR market that will deliver enhanced protection to our combined customer base," said Garrett Silver, Critical Insight’s CEO. "By uniting our teams, we're addressing the critical need for advanced cybersecurity solutions in health care, local government and other high-risk industries. Our shared expertise will drive innovation in threat detection and response, setting new standards for protecting sensitive data and critical infrastructure."

Related:AppDirect Buying vCom, Boosting Life Cycle Management