Learning from the misfortune of others – the Equifax breach
Conclusion: Cyber security incidents are a foreseeable business risk, and organisations must learn from the ongoing litany of cyber incidents that accompany any digital enterprise. Organisations that have data at their core live or die by how they manage this asset. The Equifax data breach is an unfortunate example of an organisation of senior business executives that were not making decisions on cyber risk management that aligned with societal expectations. Equifax is a company with data at its core, and time will tell whether it was incompetence or negligence that resulted in the data breach this month. Either way, Equifax clearly failed to exercise due care in the reasonable protection of its wealth and sustainability in the face of eminently addressable risks. It is a serious mistake for any executive to think that risk management of digital assets is somehow merely an IT issue.
About The Advisor
James Turner is an IBRS emeritus Advisor who specialised in cyber security and risk and facilitates the CIO Cyber and Risk Network on behalf of IBRS. James has over a decade of experience as an industry analyst and advisor; researching the cyber security industry in Australia. As an IBRS Advisor, James authored over 100 IBRS Advisory papers, led dozens of executive roundtables, and presented at numerous conferences.