The NCC Group is a global cyber security and risk mitigation company headquartered in Manchester, UK. Founded in 1999, NCC Group has grown significantly over the past two decades to become one of the largest cyber security firms in the world. But just how big is the NCC Group? In this article, we will examine various metrics to gauge the size and scale of this major player in the cyber security industry.
Revenue and Valuation
One of the most direct ways to measure a company’s size is by looking at its revenue and valuation. According to its latest financial results for the 2021 fiscal year, NCC Group generated total revenue of £254.3 million. This was a 15% increase compared to the previous year. The company’s market capitalization as of September 2022 stands at around £660 million. While not as large as some of its competitors, NCC Group has established itself as a substantial presence in the cyber security market.
Global Locations and Headcount
In addition to revenue, NCC Group’s global footprint and employee headcount provide indicators of its scale. The company has operations spanning North America, Europe, and the Asia Pacific region. Its worldwide headquarters remain in Manchester, but NCC Group has major offices in locations including New York, Seattle, Austin, and Sydney.
As of 2021, NCC Group employs over 2,100 people globally. This skilled workforce that includes security consultants, researchers, and software developers demonstrates the company’s significant investment in human capital. The following table summarizes NCC Group’s headcount distribution across its core regions:
Region | Headcount |
United Kingdom | 1,380 |
North America | 430 |
Asia Pacific | 310 |
With expertise centralized in Manchester and distributed globally, NCC Group can serve client cyber security needs anywhere in the world.
Service Offerings
NCC Group categorizes its cyber security services across five main areas:
– Assurance – Security testing, audits, and reviews
– Software Resilience – Design, testing, and optimization of software security
– Managed Detection and Response – 24/7 threat monitoring and response
– Incident Response – Emergency support for security incidents
– Security Transformation – Strategic advice for building cyber resilience
The company’s diverse set of services caters to the varied cyber security challenges faced by its extensive client base. NCC Group offers both standardized and customized solutions to meet specific needs in different industries like finance, retail, government, and more.
The depth of the company’s expertise across cyber security domains demonstrates its established position in the industry. Very few competitors can match the end-to-end capabilities that NCC Group provides in areas ranging from penetration testing to security training and transformation.
Notable Clients
NCC Group counts some of the largest companies and organizations among its clients:
– 5 of the top 10 global technology companies
– >50% of the FTSE 100
– 15 of the top 20 retail banks
– UK Ministry of Defence
– UK Home Office
– US Federal Reserve
– 7 of the top 10 global aerospace companies
– 6 of the top 10 global beverage companies
The company derives over 60% of its revenues from clients spending over £1 million annually. Long-standing relationships with large corporates and public sector bodies contribute significantly to NCC Group’s size and continued expansion.
Industry Leadership
NCC Group holds influential roles in cyber security research and broader industry initiatives:
– Founding member of the Cyber Threat Alliance – Global group for sharing threat intelligence
– Founding member of the Internet of Secure Things Alliance – Advancing security in IoT devices
– Member of the World Economic Forum’s Centre for Cybersecurity – Developing best practices for cyber resilience
The company also frequently publishes cutting-edge research revealing software vulnerabilities, weaknesses in encryption standards, and exposing cybercriminal tactics. Positioning itself at the forefront of the cyber security field boosts NCC Group’s profile and fuels its growth.
Acquisitions and Investments
Expanding through acquisitions and investments in related businesses has been a key strategy in NCC Group’s growth. Some major transactions include:
– Fox-IT (2017) – Leading Dutch cyber security firm, expanded NCC Group’s footprint in mainland Europe
– Iron Mountain’s Investigations Services (2020) – Acquired sensitive data investigation capabilities
– Enable Security (2021) – Australian identity and access management specialist
– Tala Security (2022) – Startup offering cloud security posture management
By acquiring niched expertise and technology capabilities, NCC Group continues increasing its range of cyber security solutions. It has become adept at integrating new companies into its operating model. NCC Group also invests directly in promising cyber security startups to gain early access to innovative technologies.
Financial Health
Despite the substantial growth NCC Group has achieved, some challenges have emerged in recent years. The company issued profit warnings in 2019 and 2020, impacted by difficulties in its Assurance division and certain client contracts requiring higher resourcing. operating profit declined as a result.
However, under its new 3-year strategy launched in 2021, NCC Group aims to improve its financial performance going forward. Progress has already been demonstrated in its 2021 results:
– Group operating profit increased 19% year-over-year
– Adjusted operating profit margin improved to 12.4%
– Significant increase in order book to £310.7 million
With operating disciplines in place and a strong balance sheet, NCC Group seems poised to continue on a healthier financial trajectory. While not yet achieving the profitability of some competitors, the company remains stable. NCC Group’s sizable market presence and loyal customer base provide a solid foundation.
Competitive Positioning
The global cyber security market is filled with competition, but NCC Group has carved out a defensible position:
– Well-established reputation with 20+ years serving blue-chip clients
– Full-spectrum capabilities covering multiple cyber security disciplines
– Deep expertise in core competencies like auditing and software testing
– Global delivery model with local presence in key regions
– Track record of innovation and thought leadership in the industry
– Strong relationships with CISOs and other tech executives
At the same time, NCC Group faces challenges:
– Smaller scale than top tier competitors like IBM and Accenture
– Does not provide its own security products/technologies
– Brand recognition lags behind some household names in cyber security
– Recent uneven financial performance
But overall, NCC Group stands on stable ground as an agile mid-market player in the crowded cyber security space. It differentiates itself through specialist expertise and customer focus.
Conclusion
While not the largest cyber security firm, NCC Group has established itself as a substantial player through consistent expansion over 20+ years. It generates over a quarter billion pounds in annual revenue and employs more than 2,000 people across major regions. NCC Group’s breadth of security services, blue-chip client base, and thought leadership position it firmly among leaders in the industry. Financial performance has been mixed, but improvement is targeted. With its strong reputation and focus on growth, NCC Group has achieved global scale and presence despite challenges from larger competitors. The company has successfully carved out a niche as a leading mid-market cyber security provider.