The Australian wing of EY will add the 30-strong firm to its Advisory division, with founder and CEO Philip Mulley set to join EY as Sovereign Cybersecurity leader. The deal – agreed to for an undisclosed sum – is due to close at the start of September, and continues a recent run of security purchases among Australia’s largest consultancies.
“Cyber security is a critical business function that has moved beyond our clients’ technology agenda,” said recently installed EY Australia CEO David Larocca. “This is because we’re seeing a dramatic escalation in the frequency and impact of ransomware attacks that are changing the way Boards are accountable to stakeholders. “Our clients are telling us that cybersecurity is one of their greatest concerns.”
Founded by Mulley in 2006 following a stint as a general manager for security at Cisco, Melbourne-based SecureWorx provides clients with cyber advisory, multi-cloud security services, and managed IT security operations, including 24-hour onshore managed services with certified facilities and government cleared personnel. Accordingly, the company provides protection for customers with highly sensitive data.
“We have long admired EY and in particular the work of their cybersecurity team,” Mulley said. “Joining gives us access to EY’s global thought leadership and deep industry knowledge. For our people it provides exciting career development opportunities through industry focus, technology career paths and global reach and mobility. EY’s Cyber team in Australia is a natural, cultural fit for us.”
EY pointed to the strengthening in its capacity to aid clients with their mandatory requirements under new security legislation as motivating the purchase. “The latest updates to the Security of Critical Infrastructure Act outline new requirements that will require significant investment for onshore cyber capabilities to detect and combat threats,” said EY Oceania cybersecurity lead partner Richard Bergman.
“SecureWorx has a set of cybersecurity assets that complement EY Australia’s existing cybersecurity team and capabilities including government accredited hosting facilities in Melbourne and Canberra and an accredited Security Operations Centre in Melbourne,” continued Bergman, who added that the acquisition would complement 2019 cybersecurity purchase Aleron and earlier pick-up, Open Windows.
The Australian consulting industry has witnessed a flurry of M&A activity in the cybersecurity space over the past few years which appears to be further intensifying due to growing market demand. According to a recent report by Boston Consulting Group, Australia’s cloud market is set to surpass the $10 billion mark in 2022 or 2023, up from under $5 billion three years ago.