McKinsey behind govt’s new cyber strategy

Joseph Brookes
Senior Reporter

Controversial global consulting giant McKinsey will have a key role in the development of Australia’s cybersecurity strategy, 18 months after the government was widely criticised for using the company to develop its net-zero strategy.

McKinsey will be paid nearly $1 million for less than two month’s support work on the new cyber strategy being developed by the Albanese government, with the contract set to end just weeks out from the May budget.

The Department of Home Affairs awarded McKinsey a one-and-a-half month, $950,000 contract for “project management” early this month after approaching just two other suppliers out of more than 400 pre-approved suppliers.

A spokesperson for the department confirmed the work is for the cyber strategy but declined to answer questions on what exactly the company would deliver.

“McKinsey Pacific Rim are providing support in the development of the 2023-2030 Australian Cyber Security Strategy,” the spokesperson told

The engagement of McKinsey for the cyber strategy that the current government says will make Australia “the world’s most cyber-secure country by 2030” comes after controversy around the consulting giant’s role in climate policy.

The former government bypassed its own science agency to give McKinsey contracts worth $6 million to develop the modelling underpinning Australia’s net-zero plan.

Just seven McKinsey staff were used for the modelling, which was not released until after key international climate talks in Glasgow in 2021, when the Australian government made its net-zero pledge.

The plan and the underlying modelling by McKinsey were heavily criticised into 2022, when the company was also still under fire in the US. The US Congress has found McKinsey failed to disclose it was working with a pharmaceutical giant to boost its opioid sales while also advising the US government’s Food and Drug Administration.

McKinsey had a long spell of no federal contracts following the net-zero criticisms, with its federal revenue falling sharply last year.

But it has landed a lucrative contract to assist with the new cyber plan after being identified by the Department of Home Affairs.

The department is understood to have approached three suppliers, including McKinsey, from management advisory services panel, which has 413 pre-approved suppliers.

A request for quotation sought a supplier that could provide project management; policy analysis; administration, stakeholder engagement and planning, scheduling; developing project materials; and developing project implementation plans.

The subsequent McKinsey contract runs from early March to late April.

An expert advisory board has also been established for input on the strategy. It released a discussion paper in February – just weeks before the McKinsey contract – outlining several proposals for the strategy.

Do you know more? Contact James Riley via Email.

1 Comment
  1. Ian Dennis 1 year ago

    It is hardly ” technological sovereignty ” to bypass the entire Australian cybersecurity expertise. Especially when it is to McKinsey, a group that, notoriously, strongly propounded the ” it doesn’t matter whether we make technology, so long as we use it” line in their earlier consultancies to the Australian Government.

Leave a Comment

Related stories