Story image

Equifax ushers new CISO as breach fallout continues

14 Feb 18

Equifax has ushered in a new chief information security officer as the fallout continues from the company’s massive data breach last year.

Jamil Farshchi will take over companywide leadership of the company’s current project to improve its information security programme. He will also collaborate with industry to share information security best practices.

 "Jamil has a reputation for helping enterprises rebuild and fortify information security programs,” comments interim Equifax CEO Paulino do Rego Barros.  

“His expertise in risk intelligence and cybersecurity combined with his intimate knowledge of industry best practices will allow us to design and deploy a best-in-class, global security strategy to re-establish ourselves as a trusted leader."

Farshchi brings a history as CISO of Time Warner and VP of global information security at Visa. He has also worked at NASA.

"Equifax is a company with tremendous potential, and I am confident that we will transform our security program into one of the most advanced and recognised globally," Farshchi comments.

"I am grateful for this new challenge and am looking forward to enabling the business with new insights, a fresh perspective, and a multi-dimensional way of thinking about global data stewardship and information security. Together, we are going to do great things for consumers, customers, and employees alike."

Last year hackers stole personal information belonging to 143 million US customers by using a web app vulnerability to gain access to files.

It was initially publicised that stolen information included names, Social Security numbers, birth dates, addresses and, in some instances, driver's license numbers, credit card numbers and documents with personally identifiable information.

In a report issued by US senator Elizabeth Warren, she accuses the company of being deliberately misleading about the scale of the breach.

The letter says:

“As your company continues to issue incomplete, confusing and contradictory statements and hide information from Congress and the public, it is clear that five months after the breach was publicly announced, Equifax has yet to answer this simple question in full: what was the precise extent of the breach?”

Only US customers were affected by the breach, however the take is a stern warning about the risks data breaches bring to organisations and their customers.

At the time of breach disclosure to the public, Equifax CEO Richard F. Smith said the breach was a ‘disappointing’ event for Equifax.

“I apologise to consumers and our business customers for the concern and frustration this causes. We pride ourselves on being a leader in managing and protecting data, and we are conducting a thorough review of our overall security operations.”

Smith retired from his position as Equifax CEO last year.

Equifax is headquartered in the United States. It operates or has investments in 24 countries including Asia Pacific, Europe, North America, Central America and South America.

What MSPs can learn from Datto’s Channel Ransomware Report
While there have been less high profile attacks making the headlines, the frequency of attacks is, in fact, increasing.
Cisco expands security capabilities of SD­-WAN portfolio
Until now, SD-­WAN solutions have forced IT to choose between application experience or security.
AlgoSec delivers native security management for Azure Firewall
AlgoSec’s new solution will allow a central management capability for Azure Firewall, Microsoft's new cloud-native firewall-as-a-service.
How to configure your firewall for maximum effectiveness
ManageEngine offers some firewall best practices that can help security admins handle the conundrum of speed vs security.
Exclusive: Why Australian enterprises are prime targets for malware attacks
"Only 14% of Australian organisations are continuously training employees to spot cyber attacks."
Exclusive: Why botnets will swarm IoT devices
“What if these nodes were able to make autonomous decisions with minimal supervision, use their collective intelligence to solve problems?”
Bitdefender announces security integration with Kaseya
The new partnership will allow VSA by Kaseya’s cloud and on-premises users to deploy and manage security with Bitdefender Cloud Security for MSPs.
Why you should leverage a next-gen firewall platform
Through full lifecycle-based threat detection and prevention, organisations are able to manage the entire threat lifecycle without adding additional solutions.