The bank has set up a new division called ‘Group Security’ that integrates its “cyber, fraud, financial crime and physical security” domains.
The new division is being led by chief security officer Brendan Goode, who joined CBA back in February from Citi.
Goode has also previously held security leadership roles at Deutsche Bank and the US Department of Homeland Security.
iTnews understands his role at CBA is to oversee the design, creation, and communication of the Group’s security strategies and roadmaps to inform the delivery of critical controls and capabilities that will improve the Group’s end-to-end security posture and its ability to withstand and recover from disruption events.
More broadly, the new Group Security division at CBA is intended to drive capability, technology, operational and governance practices across all security and resiliency domains, and improve the security posture of CBA and its customers.
Its existence was revealed in a LinkedIn post on Sunday announcing MLC CISO Harvey Deak as Group Security's new CIO.
“Last week I began an exciting next chapter, starting in a newly created CIO role at CommBank within Group Security - a new division to bring together all elements of protecting our customers, colleagues and community across cyber, fraud, financial crime and physical security,” Deak wrote.
“I’ve already met so many wonderful, passionate people looking to create trusted digital experiences with a clear agenda on building a great engineering and tech capability.”
Deak was MLC's CISO for one-and-a-half years. Prior to that, he spent 14 years in a variety of information security management and architecture roles at NAB.
“At the end of May, I left MLC and the broader NAB Group after 15-plus years,” he wrote.
“[It was] an incredible time in my life - I worked with so many great people, undoubtedly some of the best security professionals in the country to have learnt from.
“We saw so many changes in security and technology over that time from very humble beginnings of some antivirus software and a few firewalls.”