

The breach was one of the largest ever to threaten the private information. As GDPR and now Equifax’s record-breaking fine show, if you’re not staying on top of the rising cybersecurity table stakes, law makers and regulators may try to kick you off the table. The settlement with the Consumer Financial Protection Bureau and the Federal Trade Commission, as well as 48 states, the District of Columbia and Puerto Rico, would provide up to $425 million in monetary relief to consumers, a $100 million civil money penalty, and other relief. Now’s the time to proactively identify, quantify, and manage cybersecurity risk throughout your ecosystem. With insight into security liabilities, risky user behavior, security diligence such as patching cadence, and even compromised systems, you can take the right steps towards reducing risk. Security ratings automatically monitor the security status of your organization, third-party vendors and suppliers, and even acquisition targets for vulnerabilities and risk vectors on a continuous and global basis. A better approach would be to implement a data-driven and dynamic measurement of your organization’s cybersecurity performance using tools like security ratings.
How do you remediate a risk you can’t see?

As the costs of cyberattacks skyrocket, traditional manual risk assessments are falling short. The challenge for many organizations is that they lack visibility into the true nature of risk – in their own operations, across their third-party vendors and supply chains, and even M&A targets. Understanding the risk and exposure your company faces must be at the forefront of strategic discussions and planning. U.S. states like California and Ohio are following suit with their own data privacy laws. Meanwhile, The Washington Post reported that federal policy makers are increasingly questioning whether “only through tough, new federal laws would Equifax and other companies truly improve their digital defenses.”

The table stakes are high

Then, when words like “inept” and “negligent” are uttered, executives begin to take notice because they understand the impact upon their organizations’ reputations and credibilities.

But if businesses won’t regulate themselves, governments and policy makers are happy to step in. This is particularly true of the C-suite and boardroom where security is often overlooked until a breach occurs. Vulnerabilities aside, what unites these breaches is that no one is paying attention to the strategic risk that a company’s security posture poses. Today 60% of companies are breached as a result of an unpatched vulnerability.

Security remains a critical business oversight

Equifax is certainly not alone in patching speed. While a fix had been available for months, Equifax had not yet patched its systems, which is all too common for organizations (as Bitsight has observed recently with organizations failing to address the BlueKeep vulnerability, for example).
As Wired magazine reports, a known vulnerability in the company’s Apache Struts web application software proved to be an easy exploit for hackers.

Hackers are increasingly sophisticated, but they also prey on sitting targets who fail to maintain proper security hygiene and the most elementary security protections. Perhaps the biggest takeaway from the Equifax breach is that it could have been mitigated.

Nearly two thirds of breaches follow the Equifax pattern

That’s almost three times the fine imposed by GDPR regulators on Marriott and British Airways combined. Following probes into its massive 2017 data breach - which resulted in the compromise of personal information, including Social Security numbers, of 143 million Americans - Equifax agreed to pay up to $700 million in fines and reparations. This week, credit reporting giant Equifax felt the wrath of state and federal investigators.

The record setting began in early July when fines were imposed on British Airways and Marriott International for non-compliance with the European Union’s (EU) General Data Protection Regulation (GDPR) data privacy requirements following breaches reported in 2018. In the past two weeks, businesses in Europe and the U.S. were levied massive penalties after probes into data breaches that left consumer data exposed. The summer of 2019 is proving to be a cybersecurity record breaker – for all the wrong reasons.
