The two consultancies, stratsec based in Canberra and SIFT in Sydney, are expected to have a combined value between $15 and $20 million, according to the chief of the newly combined stratsec business, Peter Lilley.
From July 1, the combined business will become known as stratsec, although specific offerings such as application security testing may retain the SIFT brand.
"We're looking for ways to maintain and take advantage [of the SIFT brand] but haven't figured out [those ways] yet," said Nick Ellsmore, former SIFT chief and now-CTO of stratsec.
The combined company will remain headquartered in Canberra ("at least for the short term", according to Lilley) and is expanding into Melbourne and SE Asia.
It has already established a presence in the Singaporean security test market and is now "doing the same thing in Malaysia", Lilley said.
Other short-term plans include achieving defence accreditation for SIFT's existing Sydney office and the Melbourne office.
Stratsec's Canberra presence is already accredited.
Accreditation will expand consultancy opportunities for both firms. SIFT's business is traditionally 80 per cent commercial and 20 per cent government contracts; stratsec is the reverse.
The company is also hiring in Melbourne and Canberra. The latter includes some graduate roles, Lilley said.
Discussions on a potential merger started in September 2008 after leaders of the two firms met "at an industry forum".
"There have been a lot of discussions of late in the information security space," Ellsmore said.
"It has been very fragmented for a long time and the opportunity [for consolidation] has been there for a while.
"The nature of the market is we're good friends with quite a few other consulting firms and certainly a lot of people have been talking about something [of this nature] happening.
"The biggest challenge is finding firms that are going to fit and work well together. In consulting it's all about the people. You can't just bolt two firms together and expect it to work."
The combined entity counts "all of the major banks - including the Big Four", all central Government agencies and up to 14 of the ASX20 among its clients.
A number were in attendance at the launch of the merged entity in Sydney today but can't be named due to the nature of the work they are involved - which includes penetration testing and other "high stakes" security projects.
Lilley said the merged entity would become one of the largest specialist consultancies in the region.
Cyber warfare provisions in the Defence security white paper and outcomes from the Gershon review are expected to drive some government opportunities for the company.
Common Criteria is also a key driver of consulting work, particularly in SE Asia, the company said.