Equifax Chief Information Security Officer Jamil Farshchi was featured in The Wall Street Journal on “What to Do — and Not Do — in the Aftermath of a Cybersecurity Attack.” Farshchi shared insight into the experience he and his team at Equifax have had as part of the company’s technology and security transformation.
Companies can avoid 99.9% of potential threats that they face if they just enforce a policy of doing the basic things correctly and in a timely fashion, Farshchi told the Wall Street Journal. Things like applying security patches and understanding which devices are authorized to connect to the network.
This was Equifax’s first step in a much greater transformation.
Since 2017, Equifax has recruited roughly 1,000 new employees with highly specialized skills as part of a $1.5 billion program to bolster security processes and technology and instill a focus on security as part of the culture of the organization, the Wall Street Journal reported. Equifax also opened a multi-million dollar Global Fusion Center that supports 24-7 detection and response capabilities.
Farshchi noticed that while there is a tendency to not talk about corporate breaches for fear of further reputation damage, being open and sharing lessons learned can help everyone in the security community.
Equifax has shared what it learned with a network of partners, including nonprofits, government agencies, suppliers, customers, and even competitors. not only can sharing information help other companies improve, but by sharing with suppliers, companies can improve their own security.
Farshchi and his team recently hosted its inaugural Customer Security Summit: a direct conversation between our company’s security and privacy leaders and several hundred customers of Equifax.
To read the full article on the Wall Street Journal, click here.