Fraud Management & Cybercrime , Fraud Risk Management , Geo Focus: Brazil

Accenture Acquires Morphus to Take on Cyber Fraud in Brazil

Purchase Will Help Accenture Tackle Insider Threats, Financially Motivated Hackers
Accenture Acquires Morphus to Take on Cyber Fraud in Brazil
Andre Fleury, lead for Latin America, Accenture Security (Image: Accenture)

Accenture has bought Morphus to get more intelligence around fraud and other cybercrimes perpetuated by Brazilian criminals in the digital world.

See Also: How to Build Your Cyber Recovery Playbook

The Dublin, Ireland-based consulting giant says its acquisition of Morphus, based in Fortaleza, will help customers take on financially motivated cyber fraud and insider threats that are pervasive in Brazil, says Andre Fleury, Accenture Security lead for Latin America. Brazilian threat actors tend to use profits from fraud and cybercrime to fuel operations across the rest of their criminal organization, Fleury says.

"They combine the old analog way of fraud and bring that to the new cyber world," he tells Information Security Media Group. "We have a lot of cyber fraud being perpetuated, and they combine it with regular criminal activity. It's different from other parts of the world, where you are sometimes worried about cyber terrorists. That's not the case in Brazil, but the cybercrime scene is much more active."

Morphus, founded in 2003, employs more than 230 people and is one of the most-recognized security brands in Brazil, according to Fleury. Bringing Morphus together with Accenture's 2021 acquisition of Rio de Janeiro-based Real Protect will make Accenture one of the largest providers of cybersecurity professional services in Brazil. Terms of the acquisition weren't disclosed (see: Cerberus Sentinel Broadens South American Footprint With M&A).

Optimizing Security in OT Environments

Morphus' research and development and cyber intelligence capabilities can help Accenture customers better understand criminal groups acting on the Brazilian scene as well as the tactics, techniques and procedures they use, Fleury says. The company's cyber operations and red-teaming and blue-teaming capabilities extend beyond IT to address operational technology, Fleury says.

The company has invested a lot in determining how businesses, processes and technologies can be exploited by outside threat actors in industries such as manufacturing and oil and gas, Fleury says. Morphus employs people with knowledge of how automobile and oil and gas plants operate so security controls that are feasible for the setting can be designed, implemented and maintained, he says.

"When you are adding complexity to your secure environment, that's not good for the company."
– Andre Fleury, lead for Latin America, Accenture Security

From a geographic standpoint, Fleury says, Morphus' strength in Northeast Brazil will complement Accenture's existing employee and customer footprint in Rio de Janeiro and Sao Paulo. Adding a third cyber fusion center in South America to the ones Accenture already has in Sao Paulo and Buenos Aires will give the company more capacity to serve clients in countries such as Mexico, Colombia and Chile, he says.

Morphus is well-positioned to capitalize on talent coming out of the prestigious Aeronautics Institute of Technology that would prefer to work in Northeast Brazil after graduating rather than having to relocate to Rio de Janeiro or Sao Paolo. Getting a broader geographic footprint across Brazil will allow Accenture to be closer to where young people are studying technology and cybersecurity.

'Brazil Didn't Used to Have Large Players in Security'

Organizations in Brazil have historically needed to purchase technology from numerous small companies to be secure, but Fleury says Accenture's pursuit of organic and inorganic opportunities in Brazil means businesses will be able to get their security needs met from a single large provider. Having good security services requires local, in-country talent and can't be achieved with capacity from abroad, Fleury says.

"Brazil didn't used to have large players in security," Fleury says. "Therefore, for large companies to be secure, they needed to have a lot of small players to have complete end-to-end security. And when you are adding complexity to your secure environment, that's not good for the company."

Accenture Security has made 16 acquisitions since 2015, including most notably its purchase of Symantec's Cyber Security Services business for a reported $200 million in January 2020. Since then, the company has enhanced its cyber defense and managed security services capabilities with the acquisition of European cyber companies Sentor and Openminded in 2021.

About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.