Attacks/Breaches

2/13/2018
09:40 AM
50%
50%

Equifax Names New CISO

Former Home Depot CISO takes the reins in the wake of Equifax's massive data breach and fallout.

Equifax has hired Jamil Farshchi as its new chief information security officer (CISO) to fill the slot by its former CISO, who retired last year in the wake of revelations of its massive data breach.

Farshchi is the former CISO of The Home Depot who took that position after the retailer suffered a data breach of its own in 2014. According to Equifax, Farschi will head the company's information security program transformation, and will report to the CEO. His resume includes serving as the first global CISO at Time Warner, vice president of global information security at Visa, and senior positions at Los Alamos National Laboratory and NASA.

"Jamil has a reputation for helping enterprises rebuild and fortify information security programs. His expertise in risk intelligence and cybersecurity combined with his intimate knowledge of industry best practices will allow us to design and deploy a best-in-class, global security strategy to re-establish ourselves as a trusted leader," Paulino do Rego Barros, Jr., interim chief executive officer at Equifax, said in a statement.

"Equifax is a company with tremendous potential, and I am confident that we will transform our security program into one of the most advanced and recognized globally," Farshchi said in a statement. "I am grateful for this new challenge and am looking forward to enabling the business with new insights, a fresh perspective, and a multi-dimensional way of thinking about global data stewardship and information security."

Read more here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication
John Fontana, Standards & Identity Analyst, Yubico,  9/19/2018
Turn the NIST Cybersecurity Framework into Reality: 5 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems,  9/20/2018
NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-17300
PUBLISHED: 2018-09-21
Stored XSS exists in CuppaCMS through 2018-09-03 via an administrator/#/component/table_manager/view/cu_menus section name.
CVE-2018-17301
PUBLISHED: 2018-09-21
Reflected XSS exists in client/res/templates/global-search/name-field.tpl in EspoCRM 5.3.6 via /#Account in the search panel.
CVE-2018-17302
PUBLISHED: 2018-09-21
Stored XSS exists in views/fields/wysiwyg.js in EspoCRM 5.3.6 via a /#Email/view saved draft message.
CVE-2018-17292
PUBLISHED: 2018-09-21
An issue was discovered in WAVM before 2018-09-16. The loadModule function in Include/Inline/CLI.h lacks checking of the file length before a file magic comparison, allowing attackers to cause a Denial of Service (application crash caused by out-of-bounds read) by crafting a file that has fewer than...
CVE-2018-17293
PUBLISHED: 2018-09-21
An issue was discovered in WAVM before 2018-09-16. The run function in Programs/wavm/wavm.cpp does not check whether there is Emscripten memory to store the command-line arguments passed by the input WebAssembly file's main function, which allows attackers to cause a denial of service (application c...