Watch out for Accenture on cyber security

Watch out for Accenture on cyber security

We recently spoke with Floris van den Dool, MD of Accenture Security for Europe, and with Marius von Spreti, who heads the practice in DACH and Eastern Europe.


Cyber security is a key component of Accenture’s overall positioning, which is to support its clients’ perilous journey towards digital transformation.


In the last few years, Accenture has been quietly building its cyber security capabilities through an interesting stream of acquisitions. It is now emerging as a global player with a total turnover of $1bn and a practice of 5,000 engineers. For Accenture, security expertise spans all the other practices, therefore really only 50% of the business (approx. $500m) are core IT security activities.


Accenture’s DNA is all about a deep knowledge of its customers’ business and about understanding the value chain dynamics, from business needs to IT requirements. Accenture applies this mindset to cyber security in order to provide an end-to-end solution and a holistic approach to threats and vulnerabilities. In our view, this is a cyber security best practice.


In its endeavor to break up silos, Accenture has organized its key cyber security resources into 4 “Fusion Centers” across the world, pooling all skills in one single place. Accenture is taking the SOC approach one step further by integrating research, implementation & operations. The idea is obviously to offer clients one single point of contact and to generally achieve faster and better incident response and remediation capabilities, as well as proactive security by design. While this is the right approach and it looks great on paper, we would be eager to understand how it works in real life, and how the Fusion Center interacts with other processes within the client organization, given client’s own complexities…


Given Accenture’s natural business focus, and its legacy applications, security (including application testing as well as DevSecOps and API security) is the core (25%) of activities. DevSecOps is a series of processes and tools to enable security by design throughout iterative rapid development and continuous deployment cycles. For more information, read our recent white paper by Paul Fisher on this important topic.


Managed Services are growing rapidly. This is aligned with the Fusion Center approach. Managed Services cover cyber defense (with advanced pen testing and intelligence from the acquisition of Israeli MAGLAN in 2015), identity and access management (in Europe, with the acquisition of Arismore in France last year, and the booming trend of consumer identity management), and compliance (which has been quickly emerging as a key IT transformation lever, with GDPR and upcoming financial (de)regulation).


CXP Group and KuppingerCole will be organizing two conferences on these topics in November (CIW Paris) and in December (RegTech Frankfurt). Check it out. This is HOT!!!!