Incident & Breach Response , Managed Detection & Response (MDR) , Security Operations

Was the Equifax Breach Preventable?

Stephen Soble of Assured Enterprises on How to Better Manage Vulnerabilities
Stephen Soble, chairman & CEO, Assured Enterprises

In the weeks following the massive Equifax breach reported in September, much of the analysis of the contributing factors concluded that a vulnerability in the Apache Struts web-application software was exploited. The vulnerability was reported in March, but Equifax left it unpatched until after it was attacked in May. Like many cybersecurity thought leaders, Stephen Soble of Assured Enterprises believes this could have been prevented with the right strategy in place to detect deep software vulnerabilities.

See Also: Are You APT-Ready? The Role of Breach and Attack Simulation

"There are something like 500 to 1,000 new vulnerabilities discovered every week," Soble says. "What's important is not only to detect, but to be able to remediate."

In a video interview at Information Security Media Group's recent 2017 London Fraud and Breach Prevention Summit, Soble discusses:

  • Why he believes Equifax missed the vulnerability that lead to its exploitation;
  • Why the relationship between the board and the IT department leads to budget disconnect;
  • The key stakeholders that need to be part of security budget discussions.

Soble is the chairman & CEO of Assured Enterprises Inc. Previously, he was the chairman and CEO of API Development Group for 15 years.


About the Author

Joan Goodchild

Joan Goodchild

Director of Multimedia Content, ISMG

Joan Goodchild is veteran writer and editor who has been covering security for more than a decade. Before joining ISMG, she was the editor-in-chief of CSO, where she led the team to several national awards, including an AZBEE (ASPBE) for website of the year and several Digital Eddie (Folio) awards for B2B website of the year. Her previous experience in business journalism includes roles as a broadcast and web editor with the Boston Business Journal and as a news writer covering the Windows OS with TechTarget. Prior to that, she worked as a television reporter and anchor for more than a decade. She has a master's degree in journalism from Northwestern University's Medill School of Journalism and is the recipient of an Edward R. Murrow award for investigative reporting.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.