Commonwealth Bank of Australia has been forced to defend its commitment to cyber security after it emerged that the lender is set to offshore some critical IT functions.
Earlier this month, The Australian reported that CBA was looking to outsource some cybersecurity work to an offshore provider, possibly in India, as part of a cost cutting exercise.
The plan, initiated by new information security boss Yuval Illuz, could see the bank offshore its real-time threat monitoring, and firewall and proxy server management.
With rumbles of discontent about the plans building over the last few weeks, CBA has now issued a statement insisting that "reports suggesting we are stepping back from cyber security are incorrect".
The vague message confirms that "we keep a close eye on the services and capabilities available to us". However, it claims that "this is not about outsourcing our cyber team. It is about ensuring we have access to the best possible services and skills when we need it to complement our own cyber security expertise."
Talking to the Australian Financial Review, CIO David Whiteing is a little more forthcoming, confirming that cyber work is going offshore.
"We want the best talent to be working if not for CBA, then with CBA. We are relatively agnostic where it comes from … If it means we have to work with a global partner or bring in someone from overseas then that is what we will do because it is too important for us not to do it with the best people available," says Whiteing.
The news comes as it emerges that CBA is also cutting about 170 jobs in its enterprise services teams as a result of automation and digitisation.