ctrl:cyber is pleased to announce the acquisition of elevenM, marking a significant milestone in the continued build of Australia’s sovereign, end-to-end cyber capability.

Bringing the two organisations together unites closely aligned values and complementary expertise, strengthening depth while broadening the services available. This combined capability supports organisations across their cyber landscape with greater clarity and continuity.

elevenM is a Sydney-based team of 32 specialists recognised for industry-leading advisory work underpinned by forward-thinking innovation. Welcoming the team introduces new service arms across cyber advisory, privacy, and AI and data governance, while also reinforcing Ctrl’s existing cybersecurity offering. Together, these capabilities broaden depth, strengthen integration, and enable more comprehensive support across cyber, privacy, and data-driven risk.

“Cyber risk has moved well beyond technology alone. It now spans security, data, privacy and increasingly AI, and organisations are looking for this to be addressed in a more connected way.

Our view is that this works best when those capabilities sit within a single, sovereign cyber provider – one ecosystem, one operating model, with clear accountability end to end. Rather than stitching together disconnected vendors, we are deliberately building an integrated capability across cyber managed services, advisory, privacy, data and AI governance – all housed here in Australia. This is ctrl:cyber’s North Star and what we’re building towards.

– Steve Williams, CEO & Founder

This direction builds on the recent addition of an experienced Cyber Engineering team in December, alongside Digital Forensics Incident Response (DFIR) capability. Together, these additions reflect a clear and consistent direction: investing in specialist expertise that can be embedded across delivery, rather than operating in isolation.

Growth remains deliberate. Capability is expanded where it strengthens long-term outcomes and integration, not simply to broaden a service catalogue. The focus is on depth, cohesion, and maintaining quality as teams and offerings evolve.

Further expansion is expected in 2026, guided by the same principle that has shaped progress to date: building capability that lasts, supports confident decision-making, and strengthens cyber resilience over time.

Read more about the acquisition in the Australian Financial Review