The 4th Industrial Revolution through Consulting’s Cybersecurity Lens

The Fourth Industrial Revolution is upon us, and consulting firms are no exception in their need to adapt. The World Economic Forum said that, “The Fourth is evolving at an exponential rather than a linear pace. Moreover, it is disrupting almost every industry in every country. And the breadth and depth of these changes herald the transformation of entire systems of production, management, and governance.”

As we’ve chronicled previously, global management consulting providers are shifting their orientation out of necessity from pure management consulting to a holistic, business-driven approach focused on outcomes that are supported by a product orientation with tools, analytics, AI, robotics, automation, staff augmentation, and dare I say, managed services to underpin the advisory work.

Having recently completed research on the consulting market for Cybersecurity capabilities, it is clear that consulting firms are adapting to the changing demands of their clients. Digital transformation with emerging technologies and the resultant exponential increases in security threats mandates that consultants take a business-driven approach to a technical problem.

Consulting firms are reshaping to meet new client demands in several ways.

1. There is a significant shortage of cybersecurity talent. Even consulting firms have difficulty finding talent. Consultants, however, are aligning with universities to recruit and train the next generation of talent, along with other measures. Clients can’t staff these initiatives on their own, nor do they have the know-how. Consultants are providing staff augmentation on-site, and virtually (i.e., a virtual CISO) among new service offerings.

2. There is significant brand and reputational risk to clients from a potential cybersecurity breach. There is a responsibility for clients to protect their consumers’ data privacy. Consulting firms are brought in by Boards and the C-suite as trusted advisors to guide and monitor the process and are asked to provide end-to-end execution (including products/tools/services) – no more powerpoint decks left on the shelf; the Board wants peace of mind from an authoritative source.

3. Managed security services have become significant for many consulting firms as clients from the largest to the smallest are finding that using outside consulting expertise in these matters where they lack talent, infrastructure, and expertise is most effective. Firms are now offering cybersecurity intelligence centers globally, innovation labs (investing in AI, blockchain), shared threat intelligence and advanced detection, among other services that individual clients just cannot match. Clients have options including on-premises services with consultant oversight; co-sourcing or outsourcing.

What had been traditional, pure-play management consulting firms are in the midst of their own version of the Fourth Industrial Revolution; and are responding to client needs quite appropriately.

Laura Becker