Medibank’s main data gatekeeper of three years Alex Loizou has really change into a top-level casualty of a restructure of the insurance coverage firm’s fashionable know-how characteristic on the finish of in 2015.
Loizou revealed his separation in a LinkedIn post, which accompanies completion of a cyber uplift program at Medibank that was began after a 2022 info violation.
A Medibank speaker knowledgeable iTnews that Loizou’s obligation had really been “impacted” by “some changes within our data and technology” procedures that had been made “in response to the evolving needs of our business.”
“During the three years he was with us, Alex’s leadership and dedication was greatly valued, with his technical knowledge, cross-industry experience and ability to spot and support the progression of internal talent contributing to the ongoing uplift of our security capabilities,” the speaker claimed.
Medibank has really at the moment employed Origin Energy CISO Christoph Strizik to guide “IT security, risk and compliance”, together with holding the title of CISO.
He begins his obligation at Medibank on March 24.
Medibank’s speaker claimed Strizik’s “experience span[ning] multiple sectors, including financial services, energy, and consulting” and subscription “of a variety of security, regulatory and industry advisory groups” was thought of positively within the employment process.
“Hasn’t always been easy”
Loizou signed up with the wellness insurance coverage firm from FlyBuys in January 2022, 10 months previous to an info violation that affected 9.7 million current and former shoppers.
Since the violation, he has really managed a big cyber uplift program at Medibank, which is anticipated to finish mid-2025 and set you again $126 million-plus.
Loizou created on LinkedIn that “over the earlier 3 years, we’ve really browsed sophisticated security landscapes, developed resistant methods, and grew a society of fixed understanding and development.
“While it hasn’t always been easy, it’s certainly been deeply rewarding. I’m proud to look back at some key highlights from my time here.”
These, he claimed, consisted of “reacting to among Australia’s most top-level cyber events; leading a thorough program of safety improvement and expanding the safety group to greater than increase its dimension.”
He included that his interval noticed a change in “conversation around security to a mindset of partnership and collaboration”.
While Medibank’s security uplift is coming near conclusion, the after results from the occasion proceeds, with the insurance coverage firm presently encountering a declare introduced by the Office of the Australian Information Commissioner.
In courtroom filings published last year [pdf], the OAIC declared – to call just a few features – that Medibank actually didn’t act upon indicators from an endpoint discovery and motion (EDR) gadget.
