Accenture Expands Global Cyber Ops with a BANG!

Accenture has opened a new cyber security facility in Bengaluru, India, with the opening of its Cyber Fusion Center. In the process, Accenture has hinted at the future of managed security services: automation and collaboration.

With all the fanfare befitting the not-so-coincidental celebration of the new year in Bengaluru, Accenture official launched its new 9,000sf flagship cyber security facility – the Cyber Fusion Center, located within the existing Bang 9 facility – on April 14^th, significantly increasing its global security capabilities and setting the stage for a new wave of services offerings. HfS participated in the launch and had the opportunity to visit with both management and the operational front-line staff. Here are a few of our key findings:

Bang 9 is the new Black

The Cyber Fusion Center (CFC) in the Bang 9 facility has all the hallmarks of a state-of-the-art facility, from a top-notch staff to strategically-placed 24×7 big screen monitors in the command center that display real-time global threat activities. Is it perfect? No, but their emphasis on visual data and the ability to shift quickly from Level 1 to the command center and the war room (where they deep dive and coordinate incident response) is the right approach and highlights the nature of today’s rapidly evolving threats. Information is the key to security, and they are using it well in what appears to be the new model for Accenture Security Operation Centers (SOCs).

Fusion is Accenture-speak for Collaboration

Core to the value proposition of the new CFC is Accenture’s focus on collaboration. This is true both within the security team and through the locational synergy with Accenture’s existing cloud, analytics, automation, and operations staff already located within Bang 9. We’re hopeful this collaboration will result in a greater level of system awareness by all parties, and potential decrease the time to plan for or respond to cyber threats.

Talent Crunch meet Automation

Accenture has over 1,500 security professionals in India, and over 5,000 globally, but it’s not enough, as demand for security services (and talent) continue to outpace the supply (particularly for Level 2 and above). In addition to some creative approaches that both identity and cultivate external talent, Accenture has embarked on an ambitious plan to leverage “small-step” automation to both increase its current capacity and shift its employee’s focus from Level 1 to Level 2 activities (“we don’t believe anybody should have to do Level 1”). This should help Accenture weather the continued growth in the global demand for managed security services we expect to continue through the next 18-36 months – IF they can continue to execute efficiently with these incremental automation efforts.

Accenture has also been busy leveraging strong analytics and automation tools both within its security practice and as part of larger efforts in cloud and digital operations to help minimize risk – an important element that ties in nicely with its approach to cyber security (and a key element of the HfS approach to enabling digital trust).

FusionX finds its Groove in Incident Response

While we were positive on Accenture’s acquisition of Red Team and real-time vulnerability tester FusionX in 2015, we were cautious about Accenture’s ability to scale or leverage FusionX into their core security services (read here). Accenture has answered our queries by smartly leveraging elements of the FusionX team to enhance its existing Incident Response (IR) team. In addition to the shared knowledge from Accenture’s other SOCs, the CFC team has a direct line to and from the FusionX team (who are increasingly applying lessons learned in their real-time, Red Team vulnerability testing to the IR practice). Smart move here.

Next steps for Accenture

Accenture has, of late, been aggressively pursuing internal transformational efforts in an effort to better assist its client’s transformational issues. Part of this involves the emergence of a “liquid” talent pool that is able to adapt to client needs and better leverage centers of excellence. But they have some challenges ahead.

Accenture is not alone in aggressively transforming itself, and it faces many challenges from a market education perspective as well as a growth perspective (whether organic or via acquisition/partnerships). We believe that consistency and adaptability are two metrics worth watching within Accenture. Can they consistently replicate and expand the approaches that are driving them forward, and can they adapt fast enough by leveraging a fast-fail/MVP approach internally to deliver long-term client value.

Next Steps for the Enterprise

From an enterprise perspective, cyber security is an item that needs to be woven throughout the ecosystem. But at the same time, cyber threats and enterprise risks are evolving at such a rapid rate that it can be difficult to keep pace, let alone treat security services similar to other operational services (BPO, ITO). In this light, we recommend enterprises push Accenture and other providers for to adopt the type of “center of excellence” and cross-functional integration model that Accenture appears to be launching with its Cyber Fusion Center.