Following the massive Equifax data breach that exposed information on 143 million U.S. citizens, the CIO and CSO have resigned.
The two most senior security roles have since been filled by the credit rating firm, with the world still stunned by the scale of the breach that also affected around 400,000 people in the UK.
A wide range of sensitive and valuable information was exposed in the colossal Equifax data breach, including addresses, date of birth, driving license details and social security numbers.
Dan Panesar, VP EMEA, Certes Networks, said: “As the fall-out of the Equifax breaches continues, it is ever more apparent that not only is maintaining traditional approaches to cybersecurity an open invitation to hackers, but also that the mindset of most CIOs and CISOs needs to change.”
It is becoming increasingly clear that while technological enhancements such as automation are essential to handle today’s security risks, the attitudes of executives are also vital.
“It’s all good and well having the buck stop with the CIO when a breach occurs, but when are boards going take a holistic view of their risk profile, and empower dedicated security teams working under the supervision of the CIO to have full control over policy and implementation?”
Risk management is beginning to be applied to cybersecurity, as massive data breaches now pose a critical risk to the business in terms of financial damage, as well as reputational damage. It is also apparent that security teams should be able to be as manoeuvrable and agile as the threats they are faced with.
“Current solutions are flawed and follow an outdated approach to security. Companies – including every single member of the C-suite – must change to a Zero Trust security posture so that when updating their technology, it follows a new, innovative mindset, rather than continuing the insanity cycle with the next generation of flawed technology,” said Panesar.