Back in February, we blogged about the large scale ransomware attack experienced by Toll Group.
IT News reports Toll is still “mopping up” the damage caused by these attacks. Since July, Toll has embarked on a year-long accelerated cyber resilience program incorporating teams in India and Australia which led to the appointment of former Telstra Asia Pacific CISO Berin Lautenbach as Toll’s global head of information security in August.
According to Toll’s Global head of data, IT security and governance Diana Peh, Toll is “still feeling the impacts” of the ransomware attacks. Peh suggests the impacts of cyber incidents such as those experienced by Toll live well beyond the “containment and remediation” phase and that Toll was still engaging in extensive efforts to manage ongoing customer concerns, regulatory obligations and the like, including undertaking practice runs implementing Toll’s incident response plan on a quarterly basis and curating external cybersecurity experts.
Toll’s experience highlights the importance of having effective cybersecurity processes and practices in place that are well rehearsed, to protect against and mitigate the potential long-lasting impacts of a cyber-security incident. It is better to invest upfront in cybersecurity than suffer the more costly and “long tail” effects of a cyber incident like Toll. Organisations too often only learn from their own disasters, when they could have learnt from others.