Ramping up an accelerated Cyber Resilience Program, after attack in May.
Transportation and logistics company, Toll is looking to recruit a global head of IT security operations. The recruitment is one of the first steps the company is taking to accelerate cyber security at the company, following an attack in May.
Two months ago, Toll confirmed it was the victim of a cyber-attack involving ransomware known as ‘Nefilim’. After detecting this attack, Toll shut down its IT systems to mitigate the risk of further infection. Toll has refused from the outset to engage with the attacker’s ransom demands, which is consistent with the advice of cyber security experts and government authorities.
Investigations revealed that the attacker had accessed at least one specific corporate server. This server contained information relating to some past and present Toll employees, and details of commercial agreements with some of our current and former enterprise customers.
The server in question was not designed as a repository for customer operational data.
At the time Toll determined the attacker had downloaded some data stored on the corporate server, and we are in the process of identifying the specific nature of that information.
The attacker was known to have published stolen data to the ‘dark web’, although Toll stated at the time, the information was not readily accessible through conventional online platforms. Toll is not aware at this time of any information from the server in question having been published.
Following from the attack, Toll embarked on an accelerated Cyber Resilience Program. A global head of IT security operations “have an exceptional opportunity for an accomplished leader” who can “influence and enable the team” to deliver “high standards in IT security operations”.
According to an advertisement for the position, Toll wrote the recruit will
set the cyber security vision and strategy by establishing operational foundations and defining metrics to drive governance, quality, and efficiency.
Their mandate will include:
- Ownership and accountability for Incident Management, Vulnerability Management & Threat Intelligence
- Build, develop and lead an empowered high performing cyber security team while promoting an outcome-based delivery model.
- Integration of IT Security with other parts of IT to facilitate seamless day-to-day operations
Key measures to success in this role would include:
- Creating robust Incident framework and managing different vendor partners to work coherently
- Forging a strong partnership within the organisation to uplift Toll’s cyber security capability while building and gaining the trust of internal stakeholders and customers
Toll wrote, the ideal candidate is an IT Security practitioner with comprehensive knowledge in SOC operations and demonstrated experience in establishing and/or managing security framework in a Global setup with regional teams providing 24 X 7 support.
“Coupled with your strong capability in running and managing incident framework, you will have proficiency in maximising security awareness to reduce business impact. by collaborating across a complex matrix environment,” wrote Toll.