The move by the local consultancy, which was founded in 1998 but has grown to have 600 staff spread across offices spanning the US to Africa, comes after the firm noticed that enterprise clients were still not treating cyber security as a business imperative.
Partners in Performance managing director Skipp Williamson said having cyber security specialists was an imperative for any management consultancy.
"Cyber security is just inseparable from operations and execution," she said. "Meanwhile, we watch so many companies only narrowly implementing digital strategies and driving them as fast as they can without considering how vulnerable they're making themselves from a cyber perspective.
"There's still chief executives saying 'oh cyber is over there, I don't need to worry about that'."
While Partners in Performance has hired Ms Frost as part of its US team, she was in Australia last week to help educate the firm's local clients and start establishing its Australian-based cyber team.
Ms Frost retired from the military in August last year, saying she felt like there was a "dark underbelly" that also needed to be addressed in the corporate sector.
"You need to ensure the value of the business is being protected and secure the critical assets based on their value." — Patricia Frost, Partners in Performance
Before joining Partners in Performance she had spent more than 30 years in cyber and intelligence operations with the US department of defence and was most recently responsible for reshaping the US army's cyber security operations into teams of 32 to 69 personnel.
This incorporated people working in electronic warfare, threat intelligence, communication and defence, as well as forensics.
"General Alexander [the first commander of the US cyber command] used to talk about it being a soccer team. You had to think offensively about how you could be attacked and then look at defence measures and you need people who can execute both sides," Ms Frost said.
"We recognised that as the cyber threat landscape continued to evolve, we'd need an agile workforce."
Like business, Ms Frost said the US military used to treat cyber security as an IT problem, but it is now a designated combat operations specialty.
But in the business world, she said, it is still being viewed as a problem for the IT team.
"You can see that in things like who the chief information security officer reports to. Often they're still reporting to the chief information officer, rather than the chief executive," she said.
"But you need to look at it as an operational risk and ensure the value of the business is being protected and secure the critical assets based on their value."
Partners in Performance would not reveal how many employees it intended to hire into its cyber division.
Australian Securities and Investments Commission documents revealed that in the 2017 financial year the company generated $30 million in revenue and a net profit of $234,785.
Ms Frost said her biggest surprise since shifting from the army to industry was that the amount of bureaucracy in big business was on par with government agencies.
She admitted that for some companies education would not be enough to shift their mentalities about the importance of cyber security.
"Some companies are playing the short game and rolling the dice on risk and hoping it doesn't happen to stop on their watch," she said.