Accenture launches global ‘application security hub’ in Edinburgh

Accenture has launched a global ‘application security hub’ in Edinburgh to fight against the rising threat of cyber attacks on business.

The management consulting company unveiled its hub today as part of ongoing efforts to face down a growing number of targeted attacks experienced by its clients. According to its 2018 State of Cyber Resilience report, targeted attacks have “more than doubled in the space of a year” with 232 on average experienced by companies this year compared with 106 in 2017.

However, new technologies used by many high-profile cyber attacks are now being deployed to fight back against hackers and malicious agents with the number of breaches coming down, says the firm’s data.

The report indicates that only one in eight focused attacks are getting through in 2018, compared with the one in three that caused considerable disruption to organisations just over a year ago.

The new hub in Edinburgh is part of a ramping up of activity by Accenture, which has significant inhouse expertise in application security, but also a “critical mass” of financial services clients in Scotland and access to an expanding local talent pool from a top cyber security higher education constituency, including Edinburgh Napier and Abertay Universities.

The company said the facility has been “designed to be an industry-leading application security co-innovation, experimental and development lab”.

“The launch of the Application Security Hub is a significant step in the fight against application threats and cyber-crime. A UK first, the Hub will see Edinburgh at the forefront of threat modelling, working alongside leading businesses in the field of security to identify, communicate, and understand threats and mitigations whilst developing cost-effective solutions,” said Marshal Luusa, Accenture’s Application Security Lead.

FutureScot was given access to the new hub at the company’s offices at Atria One in Edinburgh, where Accenture MD in Scotland, Bill McDonald welcomed partner organisations that have joined the venture and a selection of industry guests, including Mandy Haeburn-Little, Chief Executive of the Scottish Business Resilience Centre (SBRC).

Register for FutureScot’s Cyber Security Leaders’ Summit.

McDonald, who described the launch as a “very special day”, said it represented the next exciting chapter for the company, whose roots in Scotland go back to 1991 when it served BP in the oil and gas sector, a client and industry it still has a relationship with nearly 30 years later. However, in a series of presentations, and perhaps a sign how times have changed, the event heard how ‘data is the new oil’.

Unveiled as part of the venture were cyber vendors Palo Alto Networks, Micro Focus, Deep Secure, Thales, Tanium, who will all work as part of the hub alongside enterprise software platforms including SAP and Oracle.

Much of the concern highlighted in the State of Cyber Resilience report centres around the response lag times organisations often face when dealing with a cyber attack or breach.

Although they have improved and lags are now ‘days and weeks’, as opposed to months and even years, the industry is trying to harness new technologies such as artificial intelligence and machine learning to automate threat detection and ease the burden on human analysts. The purpose of Accenture joining together with such pre-eminent partners is to get to that next ‘gold standard’.

Luusa added: “The Hub will also benefit from alliances with Scotland’s outstanding academic sector. The Scottish team will work alongside the academic sector to foster and support the next generation of security experts.”

The hub will develop, run and maintain applications securely, creating an end-to-end architecture that reduces clients’ security exposure and protects their applications and the valuable data they contain.

Luusa said: “When you look at what’s at the heart of what we’re trying to protect – it’s data. That’s the crown jewels and that data is driven by applications; without applications you can’t really create identities, without applications there’s not very much to effectively defend against. We feel that applications are at the core of everything businesses do. And we’ve got to find a way to co-innovate more secure applications, especially for the growing and changing threat landscape.”

The ‘hub and spoke concept’ will also allow Accenture to leverage its global network of cyber tools across its five security domains: Security Strategy & Risk; Digital Identity, Cyber Defence, Applications Security and Managed Security Services. That includes access to a large ‘hunt’ facility in Prague, which searches for the source cyber attacks, another in Riga and one in Israel.


Pictured, left to right: Bill McDonald, MD of Accenture Scotland, Marshal Luusa, Accenture’s Application Security Lead, and Floris Van Den Dool, Managing Director, Information Security Services, Europe, Africa and Latin America.