Dive Brief:

• GoTo, the remote IT management and services provider, appointed Attila Török as CISO, the company said Tuesday.
• “Attila’s expertise in cloud and product security and his proven record of seamless integrating security in all aspects of the product development process make him ideally suited to lead GoTo,” GoTo CTO Olga Lagunova said in a statement.
• Török returns to GoTo after serving as Zapier’s head of security for three and a half years. Török originally joined GoTo as a security engineer in 2014 and, after multiple promotions through a nearly six-year stint, left the company in late 2019 as its director of security assurance.

Dive Insight:

The change in security leadership comes months after the third-party cloud storage service GoTo shares with LastPass was breached, resulting in the theft of an encryption key and a portion of encrypted backups.

GoTo, the parent company of LastPass, said a breach first detected by the password manager in August 2022 resulted in a similar, subsequent breach of GoTo’s cloud-based storage through the same attack vector. GoTo first discovered and informed its customers of the breach in November 2022. 

GoTo, formerly LogMeIn, concluded its investigation into the incident in April and said it found no evidence of ongoing threat actor activity.

“We take our commitment to protect our customers very seriously and will continue to undertake efforts to ensure our services and infrastructure remain secure and are designed to detect and prevent future threats,” GoTo CEO Paddy Srinivasan said in an April update.

Török shared his plans to return to GoTo in a LinkedIn post and rejoined the company as CISO in May. GoTo didn’t announce Török’s appointment until Tuesday, when it also announced the promotion of Meredith Hawkins to chief people officer.

Török is responsible for the security of GoTo’s internal systems and products and the safeguarding of the company’s IT assets, the company said.

“My team strives to prevent, mitigate risk, and reduce the impact of any potential security threats so that our users can continue to perform their best work simply and securely from anywhere,” Török said via email.

“In terms of near-term projects, I am focused on the continued strengthening of our human firewall. I believe that people are the strongest link if we enable them,” Török said. “At GoTo we foster a strong security culture and mindset by providing on-demand and live training to teach our employee base about cybersecurity skills and best practices.”

GoTo’s previous CISO Michael Oberlaender was appointed to the role in March 2021 and left the company in December 2022, according to Oberlaender’s LinkedIn page.