By Todd Thibodeaux
The roll call includes some of the biggest brand names in the business world. Target, LinkedIn, Yahoo, Home Depot, Anthem. Now Equifax adds its name to this roster of infamy.
Once again, tens of millions of innocent, trusting consumers are left in a digital lurch, with personally identifiable information stolen, financial accounts compromised and passwords pilfered.
Once again, a small number of C-level executives pay the price with their jobs, either through firings or forced retirements.
Once again, fingers are pointed at out-of-date software, faulty hardware, careless employees or incompetent contractors as the cause of the breach.
And once again, a group of individuals who should be front and center in cybersecurity discussions stays silently in the background.
It’s become far too easy – almost standard practice – for boards of directors to scapegoat CIOs, CISOs and IT teams when avoidable data breaches like the one at Equifax occur.
Should the internal team at Equifax have implemented security patches in a timely manner; enforced stricter password policies; and taken any number of other common sense security safeguards?
|