Dive Brief:
- Equifax appointed Jamil Farshchi, the former CISO of The Home Depot, to revamp its security strategy as its new CISO, the company announced Monday. In his role, Farshchi will be in charge of companywide security.
- A long-time CISO, Farshchi was brought on at The Home Depot in April 2015 following the company's 2014 data breach. At Equifax, he will report directly to the CEO as he works to transform the company's security program.
- Farshchi "has a reputation for helping enterprises rebuild and fortify information security programs," said Paulino do Rego Barros, Jr., interim Chief Executive Officer at Equifax, in a statement. His experience will allow the company to install industry best practices when designing and deploying security strategy.
Dive Insight:
One of the first high-profile breaches, the compromise of The Home Depot's payment card system in 2014 forced the company to revamp its security strategy. The retailer had to pay at least $19.5 million to settle consumer lawsuits and was required to improve its data security efforts and bring on a new CISO.
Equifax is facing similar security mandates in the wake of its breach, which sparked more than 240 lawsuits and launched numerous government investigations. The company is still working to understand the scope of the breach and has been without a full-time security chief since former CSO Susan Mauldin retired in September.
While Farshchi has a daunting task, his experience revamping a company's security portfolio following a breach will likely allow for a more streamlined process.
What's key for Equifax is to fully understand its networks and install a security strategy that can patch and respond to threats in a timely manner. With the amount of sensitive information the organization works with, threats are guaranteed. But if it can successfully revamp its security approach, the regulatory spotlight may lessen.
Organizations across sectors are aware of and understand cybersecurity risks, particularly in light of highly publicized failures. Detection, however, is still a major challenge. When companies don't understand the full scope of a breach's impact, members of the C-suite tend to take reactive measures, which don't work to adequately improve cybersecurity efforts.