Building Cybersecurity Awareness, Every Month

October 04, 2022

Cybersecurity Awareness Month (CSAM) has officially begun – a global initiative aimed at highlighting the range of digital threats and empowering every person to protect their personal data.

The month-long campaign is for good reason: The cyber challenges facing business, government, and society are as consequential today as they’ve ever been. The number of reported data breaches reached an all-time record in 2021.1 Attacks involving ransomware have doubled in each of the past two years. 2 Identity fraud cost Americans a total of $52 billion last year. 3

“Risk is both evolving and accelerating, and it’s clear that maintaining the status quo in cybersecurity is untenable,” says Equifax EVP & Chief Information Security Officer Jamil Farshchi.

Continuous, Rigorous, and Personalized

Since 2018, Equifax has transformed our organization at every level, investing $1.5 billion in technology and security to build the Equifax Cloud. Almost every aspect of the Equifax security program has been completely overhauled in the last four years, and we are extremely proud of the incredible progress that we have made toward embedding security into everything we do – from our technology infrastructure, data fabric, and product development, to our merger and acquisition strategies, to our incentive compensation plans. Throughout the month of October, Equifax has planned an array of in-person and virtual events for employees centered around the theme of “Security First.” Thousands of Equifax employees participate in CSAM each year, and it gives them the opportunity to learn more about topics across cybersecurity and have some fun along the way. 

But this isn’t the finish line for us. Security awareness at Equifax goes well beyond the month-long campaign:

Training: To test our workforce against a range of threats, we release thousands of simulations each week and conduct tabletop exercises to prepare our company’s leaders for crisis scenarios. 

Insights: We provide every employee and contractor with insight into their own security performance each month with a “security snapshot”, and we measure key security behavior metrics based on an individual’s unique job.

Performance: To underscore the importance of these efforts, we benchmark each employee’s performance against their department and the company overall. We even tie that performance to their annual incentive. 

This approach to cybersecurity awareness is continuous, rigorous, and personalized. It shows that we’re measuring what matters, and it provides the type of transparency and incentive that employees deserve. 

A Force for Good

In addition to continuously training our workforce in cybersecurity, Equifax is also steadfast in helping others beyond our four walls become more secure. 

Farshchi participates in dozens of briefings and forums each year aimed at sharing lessons learned, tackling global challenges, and uncovering new opportunities in cybersecurity. 

To help other organizations across the U.S., Farshchi was recently appointed as a Strategic Engagement Advisor to the Federal Bureau of Investigation (FBI). In this role, he will support the FBI’s efforts to strengthen their relationship with the private sector and will support the Bureau in addressing the range of cyber threats facing businesses across America.

“We can’t solve today’s cyber challenges without talking about them and collaborating with one another,” Farshchi says. “If we want to change the trend line of successful attacks—if we want to make our companies and communities more secure—we need more communication, more collaboration, and more transparency in security, not less.”
To learn more about how Equifax accelerated our leadership in cybersecurity in 2021, check out our Security Annual Report. 

1 Identity Theft Resource Center, 2021 Data Breach Annual Report
2 Identity Theft Resource Center, 2021 Data Breach Annual Report
3 Javelin, 2022 Identity Fraud Study