
Rocco Galletto
BDO's cyber security practitioners from Australia, Canada, Singapore, India and Czech Republic recently united to compete in the HackTheBox Global Cyber Skills Benchmark, one of the most rigorous capture-the-flag (CTF) competitions in the cyber security industry.
The combined team placed 27th out of 589 teams worldwide, a notable advancement from the 118th place result achieved in the prior year's competition.
The Global Cyber Skills Benchmark is a multi-day, multi-discipline competition that evaluates teams against realistic challenges spanning web application exploitation, reverse engineering, cryptography, hardware security, cloud environments, digital forensics, and Active Directory attack paths. The competition is widely recognised within the industry as a credible benchmark of practical, hands-on cyber security capability.
What distinguished this year's result was the model of collaboration behind it. Rather than competing as separate national teams, practitioners drawn from IT, cyber security, digital forensics and adjacent disciplines across five member firms operated as a single global unit. Coordination ran continuously, with each region progressing challenges through their time zone and handing off context to the next region as their time zone concluded. The outcome reflects a deliberate commitment to working as One BDO.
The threats our clients face do not respect borders, and neither do the skills required to counter them. Ransomware operators, state-aligned threat actors and organised cyber-criminal groups operate across jurisdictions, exploiting any seam between regional defences. Responding effectively requires a depth and breadth of technical capability that few organisations can build in isolation.
This is where the BDO network delivers a distinct advantage. When a client engages BDO for cyber and digital services, they are not engaging a single office. They are engaging a global community of practitioners spanning offensive security, digital forensics, incident response, cloud security, identity and access, and governance, risk and compliance. The same practitioners who collaborated across five countries to achieve this result are the practitioners we mobilise on client engagements, whether responding to a live incident, testing the resilience of critical infrastructure, or building security programmes that scale internationally.
The Benchmark result is one external indicator of capability. The day-to-day outcome for our clients is access to world-class cyber and digital services delivered with the technical credibility, regional presence and global reach that complex security challenges demand.
Congratulations to every member of the team who contributed to this result. We look forward to building on it in the year ahead, and to bringing the same calibre of capability to every client we serve.

Rocco Galletto