The Equifax Breach Should Result in Legislation, But Not What You Think

All of these authorities form an incomplete patchwork that means that even in the egregious situation we find in the Equifax breach, in which so many consumers are affected and it seems likely that the security practices of the company were insufficient, there may not be direct liability for failing to provide a basic level of security for consumers.

What Does the Equifax Breach Mean for You?

A week after it was announced, the whole world is still buzzing about the breach of Equifax that compromised sensitive data of 143 million Americans between May and July of this year and the damning fact that Equifax insiders had a chance to dump their stock and avoid inevitable losses before last week’s disclosure.  Equifax …

Read More “What Does the Equifax Breach Mean for You?”

Can We Build Resilient Systems?

A recent post on cybersecurity got me thinking about the nature of the approach of many organizations to protecting their networks.  Citing the old terrorism adage (adapted for cybersecurity) that “[t]he attacker only has to be right once, we have to be right every time,” the author accurately asserts that cybersecurity is part of the …

Read More “Can We Build Resilient Systems?”

Why an Information Audit?

There are as many approaches to giving advice on cybersecurity as there are cybersecurity consultants. Fundamentally, there is a theme almost all approaches share: cybersecurity problems boil down to getting basic things, often collectively referred to as cyber hygiene, right. Doing basic things right is great advice but you still have to figure out how to …

Read More “Why an Information Audit?”