The Commonwealth Bank's cyber security division is undergoing a restructure instituted by new CISO Yuval Illuz that has resulted in job losses and the potential offshoring of cyber security functions.

Illuz joined CBA in February this year from Israel following a brief stint at gaming software supplier Playtech and 12 prior years in security and innovation roles at telco supplier ECI Telecom.

Since his arrival, Illuz has been surveying the CBA cyber landscape and looking for efficiencies in the bank's massive cyber security spend.

Former CISO Ben Heyes, who was forced to leave the organisation due to illness last year, significantly boosted the funding, size, and status of CBA's cyber security division under his six-year reign.

CBA's overall IT spend in its last financial year - $1.9 billion - was its largest on record.

Illuz's review of the division has resulted in a request for proposal, first reported by The Australian, that will see some of CBA's current onshore cyber security service providers forced to compete with offshorers to keep its business.

Sources told iTnews that Illuz and CBA are looking to see whether cost efficiencies can be achieved by offshoring areas like the management of firewalls, proxy servers, and identity.

These services are currently managed onshore by third parties including Tata Consultancy Services.

CBA declined to comment on which specific suppliers were under threat.

"Commonwealth Bank works with a number of different global and local IT partners. We’re always looking for ways we can work more effectively with them and use their expertise and we will always safeguard system integrity, security and information,” it said in a statement.

"Any decision that is made will be based on the best mix of employees and global and local IT partners to deliver what matters to our customers."

The review of the unit has also resulted in the departure of a handful of senior cyber security executives, sources told iTnews.

CBA declined to name the individuals involved, nor how many have been impacted.