Australian cybersecurity firm CyberCX has been sold to multinational consulting giant Accenture in a billion-dollar deal poised to shake up the domestic cybersecurity sector.
Announced Friday, the acquisition will see Accenture take on hundreds of CyberCX clients across Australian banking, government and critical infrastructure, as well as the firm’s approximate 1,400 staff.
CyberCX declined to provide additional commentary, though sources close to the deal told the Australian Financial Review that Accenture valued the company at more than $1 billion.
Representing its largest cybersecurity acquisition in 36 years of business, Accenture’s head of Australia and New Zealand, Peter Burns, said the deal would help the company meet an increasing demand for cybersecurity services.
“The need for responsible governance is also rising as AI and quantum technologies advance,” he said.
“CyberCX’s breadth of capabilities, trusted relationships with government and critical infrastructure organisations, and exceptional talent in the region, combined with Accenture’s local and global scale and innovation, will help us meet this ever-increasing client need.”
CyberCX chief executive John Paitaridis said he was proud of the business having become “one of the leading providers of cybersecurity services in the region”, and the Accenture deal constituted a “force multiplier” as the companies accelerate their growth in the Asia Pacific.
The deal is subject to approval by Australia's Foreign Investment Review Board.
Big value for Australian cyber outfit
CyberCX has been a dominant force since entering the Australian security sector in 2019.
The firm has serviced big-name clients such as Microsoft, Origin Energy, the Australian Football League and the big four banks, and has worked on some of Australia’s most significant cyberattacks, including those at St Vincent’s Health Australia, Energy One, Medibank and Qantas.
John Paitaridis, once Optus managing director, heads CyberCX; former head of the Australian Cyber Security Centre, Alastair MacGibbon, has spent six years as chief strategy officer; and former lecturer for Australian National University’s masters in national security policy, Katherine Mansted, serves as executive director of cyber intelligence.
The acquisition represents the latest in a string of 20 global security outfits to be hoovered up by Accenture since 2015, following Brazilian firm Morphus, Mexican firm Mnemo and Spain’s Innotec Security.
Accenture typically refuses to publicise the value of its acquisitions, though a 2020 purchase of UK firm Context Information Security was reportedly valued at $223 million (£107 million) – less than a quarter of CyberCX’s reported $1 billion valuation – while a 2024 acquisition of consultancy Partners in Performance reportedly totalled $375 million.
“CyberCX is one of the largest and most prominent cybersecurity firms in the Asia-Pacific region,” an Accenture spokesperson told Information Age.
“In considering this acquisition, we did a comprehensive market analysis and found that CyberCX’s capabilities strongly align with our own capabilities and business.”
Experts prepare for industry shakeup
Nick Ellsmore, director of Sydney advisory firm Delling Advisory, wrote that the long-rumoured acquisition signalled the “biggest shakeup in the [Australian] cybersecurity industry in at least a decade”.
He speculated some of the firm’s sizeable workforce could shuffle following the takeover, while not all clients were guaranteed to love the change.
“Despite all the best intentions in the world, you simply will not get the same level of service from a company with 791,000 staff, as you will from someone smaller,” he said.
Speaking with Information Age, Matt Tett, managing director of consulting and testing firm Enex TestLab, said while it's too early to gauge a reaction from CyberCX's client base, customers do often look for a "sovereign capability" when choosing their suppliers.
"Customers will likely consider Accenture's funding and talent sources, but I'd expect CyberCX will still make a move to look after our own,” he said.
Tett said the acquisition also shows Australia is “capable of punching above [its] weight".
“I think it's a good thing for Australia,” Tett said.
“To have one of the big consulting companies like Accenture put money behind CyberCX will definitely drive focus on Australian capability.
“With luck, some of the money from this acquisition may bolster the 'war chests' of a number of this country's investors, providing some funding to flow back into Australian cyber start- and scale-ups.”
Jamieson O’Reilly, founder of Australian information security company Dvuln, said CyberCX had “paved the way for others to follow” and he would be closely watching “Accenture’s influence within ACT government circles”.
“In my opinion, this acquisition will strengthen it even further,” he told Information Age.
