As of October 4, ever more damning information continues to surge out of the Equifax investigation. The total number of affected American consumers has hit 146 million, with the former-CEO laying blame on a single employee for not implementing a security patch that would have plugged a vulnerability in Apache software (which itself was patched by the vendor 2 months prior).
Numerous other downstream failures occurred such as internal company mis-communication on employee patching responsibility as well as a vulnerability scanner that failed to find the unpatched hole.
Regardless of why this all happened, whos at fault, resultant consumer compensation, etc, we / society at large, are now at an inflection point where Cybersecurity can no longer just be considered as just an IT issue, just a business issue, but a clear material issue that companies must address given now-observed breach consequences.
Cybersecurity is now & finally being discussed as an ESG Concern — Environmental, Social, and Governance factors that assess the sustainability or ethical impact on a companys investment or business operations.
For financial advisors and money managers, do you know where youre investing your clients money and confidential information, and are their networks protected and up to date? Are your own systems secure? Are you ready to discuss your firms specific cybersecurity policies and breach resilience?
To what degree are you being proactive in client communications, setting up response hotlines, websites, FAQs? Your customers will expect you to report on how youre prepared with threat monitoring and layered defensive capabilities as well as post-breach contingencies and support policies.
The impact and fallout from a breach are no longer amorphous, no longer undefined. As Equifax and its executives are experiencing right now, there are severe reputational and financial consequences when companies fail to implement and enforce safeguards to protect sensitive information.
Both the CIO and Chief Security Officer of Equifax immediately resigned after the breach announcement. The CEO himself stepped down 10 days later and has been lambasted by members of the House Energy and Commerce Committee for failing his duties and responsibilities to protect entrusted consumer data. Equifaxs stock has dropped by 27%, losing nearly $5 billion in market cap, and company bonds have shed 6% of their value.
Your customers will now demand to understand how their portfolio is resilient to cyber-threats, ultimately needing assurance that you are expertly considering and managing their risk. Cybersecurity is a living, evolving issue that confronts risks spanning the total lifespan of their investments.
Seek out and work with a security vendor expert in implementing individual broker compliance policies as well as in tailoring a holistic security solution based on your individual needs. RSI will work with you to deeply understand your current network and workstation security posture and identify opportunities to patch vulnerabilities that exist. We have solutions that address your cybersecurity needs today and our experts keep abreast of industry-best technologies that scale with the cyber-threats of tomorrow. Contact us today.
About the Author
Eric Haruki is a technology analyst with over 15 years of experience advising global category leaderssuch as Samsung, Panasonic, HP, & Ciscoonproduct and brand strategy, market competitiveness, and in areas of untapped product and distribution opportunity. He has produced both syndicated and project work, delivering forecasts, SWOT analyses, road maps, and panel survey insights to research customers around the globe. Eric has contributed to major print and television press outlets and has been a featured presenter at industry conferences. He isdriven to find insights through extensive market research and deliver concise and actionable solutions to vendors, leading ultimately to the development of valued downstream goods and services to end users.