About Opcode
Security consulting that starts with clarity
Opcode exists because too much cybersecurity consulting is vague, fear-driven, and disconnected from how organisations actually operate. Security advice should be specific, practical, and tied to real business outcomes — not abstract risk matrices and generic best practices.
Every engagement starts with understanding the organisation's context: what it does, what it depends on, what regulations apply, and what level of security investment is proportionate to the actual risk. From there, Opcode delivers clear recommendations and hands-on implementation — not a slide deck and a handshake.
Opcode works primarily with Australian organisations across financial services, government, defence, healthcare, and critical infrastructure. The consulting approach is informed by deep technical experience and executive-level advisory — bridging the gap between security operations and board-level decision-making.
How Opcode works
- Clarity over complexity Security advice that leadership can act on, not just acknowledge.
- Outcomes over deliverables Measured by what changes, not what gets documented.
- Security as an enabler Good security enables the business to move faster with confidence, not slower with friction.
Matt Gurr
Principal Consultant & Founder
Matt is a cybersecurity leader with 27+ years of experience spanning incident response, security architecture, and business risk management across international financial services, government, and cloud environments.
Most recently, Matt led the AWS Customer Incident Response Team (CIRT) for the Asia-Pacific and Japan region — managing a team of 9 incident responders handling critical security events for Fortune 500 enterprises and government organisations across 30+ countries. This included tracking and containing advanced threat actors, delivering C-suite briefings during high-severity incidents, and building incident response playbooks that reduced mean time to resolution by 40%.
Prior to AWS, Matt founded and ran Opcode Consulting, delivering security architecture, incident response, and risk management solutions to enterprise clients across mining, healthcare, defence, and critical infrastructure sectors.
Matt is a regular speaker at national and international cybersecurity conferences including AusCERT, FIRST, and CrikeyCon. He holds a Master of Information Technology and maintains active certifications across executive governance, security architecture, and cloud security.
For engagements requiring specialist depth beyond a single practitioner, Opcode draws on a trusted network of vetted security professionals with complementary expertise.
LinkedIn →