Story image

Equifax ushers new CISO as breach fallout continues

14 Feb 2018

Equifax has ushered in a new chief information security officer as the fallout continues from the company’s massive data breach last year.

Jamil Farshchi will take over companywide leadership of the company’s current project to improve its information security programme. He will also collaborate with industry to share information security best practices.

 "Jamil has a reputation for helping enterprises rebuild and fortify information security programs,” comments interim Equifax CEO Paulino do Rego Barros.  

“His expertise in risk intelligence and cybersecurity combined with his intimate knowledge of industry best practices will allow us to design and deploy a best-in-class, global security strategy to re-establish ourselves as a trusted leader."

Farshchi brings a history as CISO of Time Warner and VP of global information security at Visa. He has also worked at NASA.

"Equifax is a company with tremendous potential, and I am confident that we will transform our security program into one of the most advanced and recognised globally," Farshchi comments.

"I am grateful for this new challenge and am looking forward to enabling the business with new insights, a fresh perspective, and a multi-dimensional way of thinking about global data stewardship and information security. Together, we are going to do great things for consumers, customers, and employees alike."

Last year hackers stole personal information belonging to 143 million US customers by using a web app vulnerability to gain access to files.

It was initially publicised that stolen information included names, Social Security numbers, birth dates, addresses and, in some instances, driver's license numbers, credit card numbers and documents with personally identifiable information.

In a report issued by US senator Elizabeth Warren, she accuses the company of being deliberately misleading about the scale of the breach.

The letter says:

“As your company continues to issue incomplete, confusing and contradictory statements and hide information from Congress and the public, it is clear that five months after the breach was publicly announced, Equifax has yet to answer this simple question in full: what was the precise extent of the breach?”

Only US customers were affected by the breach, however the take is a stern warning about the risks data breaches bring to organisations and their customers.

At the time of breach disclosure to the public, Equifax CEO Richard F. Smith said the breach was a ‘disappointing’ event for Equifax.

“I apologise to consumers and our business customers for the concern and frustration this causes. We pride ourselves on being a leader in managing and protecting data, and we are conducting a thorough review of our overall security operations.”

Smith retired from his position as Equifax CEO last year.

Equifax is headquartered in the United States. It operates or has investments in 24 countries including Asia Pacific, Europe, North America, Central America and South America.

New threat rears its head in new malware report
Check Point’s researchers view Speakup as a significant threat, as it can be used to download and spread any malware.
Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.
Opinion: 4 Ransomware trends to watch in 2019
Recorded Future's Allan Liska looks at the past big ransomware attacks thus far to predict what's coming this year.