The Equifax CEO, the man at the helm of the credit scoring firm recently shamed following a breach that revealed 143 million sets of personal data, has resigned.
This latest news from the Equifax boardroom follows the resignations of both the CIO and the CSO, entrenching the reality that the hammer blow of cyber responsibility will fall hard on the board.
Pressure has been mounting on the Equifax CEO, Richard Smith, as responses from the company to the breach have been inconsistent, in addition to showing lacking cybersecurity awareness.
Cybersecurity risk has rapidly risen to the attention of investors, making it an issue that executives must be responsible for. While it is essential that security leaders prove they are driving a robust approach toward cybersecurity, it is important that everyone begins to be cyber aware.
Lev Lesokhin, EVP of strategy at software quality measuring company CAST Software, said: “What Equifax brings to light is that we are under a shortage of talented developers and cannot keep up with business demand and tech complexity at the same time, creating further software risk.”
The skills gap is a well-documented problem causing a great deal of concern among cybersecurity professionals, and subsequently developments in automation are being energetically pursued to help bear the data load.
Deloitte cyber-attack reveals blue-chip client details – report
Data breaches are just the nature of the beast, says OneLogin CEO
NCSC Director: Imminent ‘category one’ cyberattack will be undefendable
“The solution is NOT to rely on the ability to hire good developers so they write good software – there just aren’t enough skilled developers with whole-system vision to go around. We need to take our most senior developers, have them design the architectures for data protection, and then ensure these architectural constructs are followed by the developer plebiscite with every build,” Lesokhin said.
The central message that comes from the resignation of the Equifax CEO is that the board must be directly involved in an organisations cybersecurity mission, with specific risk management strategies being employed to handle the colossal business risk.