2016 was a huge year for consulting related to cybersecurity in the US market, with revenues rocketing 30% from 2015. As one consultant recently told us, it’s no longer possible to take a digital solution to a client without also having a plan for how you’re going to protect that solution: In other words, like digitisation itself, cybersecurity is rapidly becoming a part of everything consultants do.

And that’s one reason why it’s so interesting to see where—in terms of service lines—cybersecurity work is actually happening. The bulk of it still sits under the risk & regulatory umbrella—the service line we most readily associate with cybersecurity—and the closely related technology service line. But we’re starting to see cybersecurity pop up in other services, too, and in 2016 more than $800m worth of cybersecurity work happened outside the tech and risk spheres.

So, if—like digital—cybersecurity really is becoming a part of everything that consultants do, you can expect that—like digital—it’s going to be done by consultants of all stripes.