Just a few days ago, leading credit bureau Equifax announced that between May and July of 2017, the credit data and personal information of up to 143 million of their clients was breached by hackers. Among the leaked information were Social Security numbers, credit card numbers, dates of birth and personal addresses, all of which can be used by identity thieves. This Equifax Data Breach puts millions of people at risk of losing their money and even their personal identity.
So what went wrong here? When a big corporation like Equifax suffers an attack, we might assume that all reasonable precautions were taken and that the breach was inevitable. But that might not be the case. According to political periodical The Hill: “It’s now clear that at least one of the major players in this industry has not done due diligence in maintaining the security of their core business.” The Chicago Tribune concurred, explaining, “When asked if the Equifax Data Breach suggests the need for new regulation of how companies handle the personal information of consumers, Sanders said, ‘I think that’s something we have to look into extensively.’” So to answer the question of what went wrong, one thing seems to be clear: Equifax didn’t take the precautions it could have taken to secure its system and safeguard its clients’ private information.
This incident speaks to a much broader issue. In the wake of the Equifax scandal, The Atlantic said this: “Software development has become easy and popular, making security an afterthought, and software engineering has failed to adopt the attitude of civil service that might treat security as a first-order design problem.” The issue is widespread: as the internet continues to dominate, cybersecurity awareness is falling dangerously behind. Big companies continually are falling victim to these attacks because their security measures do not match their enormous cyber presence. In order for these breaches to cease — or even lessen in frequency — cybersecurity has to be taken far more seriously.
Global Learning Systems is dedicated not only to bringing awareness of information security to the forefront, but also to providing accessible, thorough and effective training that will help make that awareness a reality. GLS has several courses that deal specifically with protecting personal data, detailing how both companies and individuals can safeguard properly the information that matters most. These courses cover the regulations associated with personal and credit card data, what these regulations entail, and what fines are associated with misusing or failing to protect such data properly. Additionally, GLS has many courses that deal with more general cyber-security best practices that are necessary for preventing system hacks and data loss. Taken as a whole, this training provides a sturdy firewall that could mean the difference between properly protected data and 143 million people being put at risk for identity theft.
If the Equifax Data Breach can show us one thing, it’s what can happen when a large corporation that serves millions of people does not go to proper lengths to ensure the security of its system and the private information that system contains. But the solution is simple: Proper information and cybersecurity training can and will prevent these sorts of breaches from happening. What happened at Equifax doesn’t need to happen again to another big firm or even to an individual. By putting cybersecurity back at the forefront, GLS can help ensure that.
October is National Cyber-Security Awareness Month: Receive 10% off any training solution, now until October 31st. Contact us for more information.
What Can You Do?
To learn more about how the data protection and the human element affects information security, we invite you to read a Gartner report, “How to Secure the Human Link.”
Request information on our course – Privacy and Data Protection Essentials