Business Excellence (Part 1): The economics of professional service practices in the Australian Cyber Security Market

Breaking down professional services

Analysing supporting costs

  1. The non billable activities of C level staff or team leaders (some of whom may be performing a reduced delivery function).
  2. Sales personnel, and any bonuses that come with sales.
  3. Support elements, including operations managers, advisors, accounting, marketing and HR.

The problem

  1. There’s an increase in daily utilisation; in the case of our firm above, this would have meant a range of between 120–200% use of time which may cut into the sleep patterns of billable staff.
  2. Billing isn’t performed with a daily rate calculation, which is unlikely in the Australian market unless theres a SaaS platform.
  3. There is a downward pressure on wages, which is unlikely in the 2021 climate.
  4. An increase in low cost staff has occurred in the Australian market which is not anticipated for several years.
    In the Australian employment market it is unlikely that we will ever see salary reductions; we would have seen this in half a dozen semi skilled industries crash since 1996 workplace changes. Additionally, we have the training liability and entry barrier, for which are substantially lower than cyber security services and thus unlikely to increase supply thus resulting in a downward pressure on wages.
  5. The firm also sells product, licensing or a software as a service, in addition to its professional services, however this may undermine the firm’s professional integrity (I have only seen a handful of organisations achieve this effectively).
  6. There’s more staff than can be publicly mapped, and the modelling conducted against a number of these organisations is inaccurate.
  7. Non-billable staff are employed on a casual basis, and thus drawing a lower salary.
  8. Non-billable staff are in fact billable which would make sense for some senior managers with existing skills or perhaps even the project manager, but not for the company accountant, EA, CFO, thought leader or resident instagram model.
  9. Offshoring of work takes place contrary to Australian cyber security interests. One particularly shifty practice, complete with repurposed crypto currency enthusiasts and cross fitters, proudly proclaimed their Australian owned status whilst having all their delivery work force based in Indonesia.




Mercury Information Security Services are a leading provider of information security services, advice and consulting.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Cross-Border Trade in the Age of China’s Data Security Law

How to use your phone as a two-factor authentication security key : Gadget Game News

{UPDATE} Pups Pet Trivia – The Dog Lovers Quiz Pro Hack Free Resources Generator

Pattern of Life: Fingerprint 2.0

Data Breach on Data Privacy

{UPDATE} Super Cat Tales Hack Free Resources Generator

Secure Authentication Development Method

DLI Seminar | The Construction of National Security and Privacy Relations by US Federal Policies

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Mercury ISS

Mercury ISS

Mercury Information Security Services are a leading provider of information security services, advice and consulting.

More from Medium

Cyber Security: The Message that Never makes it up to the Board

Security Is Being Redefined by Digital ID Solutions and Biometric Authentication Technology

Inside the Accelerator — Okanii

Cyber Security in Fintech