Goldman Sachs Alternatives Invests $120 Million in Cybersecurity Firm Schellman

Schellman, a privately held cybersecurity firm specializing in compliance frameworks and risk assessment for regulated industries, has secured a $120 million investment from Goldman Sachs Alternatives. The capital infusion will support Schellman’s expansion into federal government contracting, development of AI-driven compliance automation tools, and international market entry, particularly in Europe and Southeast Asia. The firm has reported annual revenue of $78 million for the fiscal year ending December 2025, with a 22% year-over-year growth rate driven by demand for SOC 2, ISO 27001, and FedRAMP certification services. The investment is structured as a minority stake, with Goldman Sachs Alternatives acquiring a 35% equity position in Schellman. This marks one of the largest private equity commitments in the cybersecurity compliance space since 2024, reflecting a broader trend of institutional capital flowing into firms that serve critical infrastructure and defense-sector clients. Schellman’s client base includes over 1,200 organizations across financial services, healthcare, and federal contractors, with 28% of its revenue derived from U.S. Department of Defense (DoD) and intelligence community partners. The move follows recent regulatory tightening on data security in federal contracts, including the Cybersecurity Maturity Model Certification (CMMC) rollout. Schellman’s compliance audit services are now used by 14% of DoD subcontractors, a figure that has grown 40% since 2023. The firm plans to hire 190 new staff by 2027, with 60% focused on engineering and AI integration teams to enhance automated audit workflows. Market impact remains limited due to Schellman’s private status and lack of public trading. However, the investment may prompt increased scrutiny from venture capital and private equity firms targeting cybersecurity infrastructure providers. No direct influence on broader indices such as the S&P 500 or VIX levels (currently at 18.4) is expected, though the event could subtly affect investor sentiment in the niche cybersecurity compliance sub-sector.