Note from CSA Editor: Good Cyber Security specialists are REALLY needed. According to the article 40% of employers think their staff has failed to adapt. The KEY to a successful cyber security operations is an continual improvement program, which means you should always be learning, testing new things in a lab, and strengthening your defenses. The bigger the company, the more they are a target and the more they need someone like you.

Original Source – SC Magazine: https://www.scmagazine.com/home/security-news/whats-really-changed-three-years-after-equifax-breach/

“40 percent of security leaders in a recent study from Ostermann Research and Immersive Labs said they aren’t confident in their team of responders precisely because they feel security has failed to adapt to today’s threats.”

Are organizations better off today than they were three years ago when a devastating breach at Equifax exposed sensitive customer data and poor security practices in equal measure?

The consensus among experts is that companies still have a ways to go.

“Unfortunately, not much has changed,” said Greg Foss, senior threat researcher from VMware Carbon Black.

 

“Cyber crisis response, sadly, currently lags the threat landscape,” said Max Vetter, chief cyber officer at Immersive Labs. “This is because it is still far too static, stored in a folder..only updated and tested at infrequent intervals.”

Patch Management

Keep on patching. At its core, the attack on Equifax was “opportunistic and the result of a combination of vulnerabilities that often go unnoticed in many organizations that lack proper tooling and processes to prevent common but avoidable exposures such as default credentials and patch management,” said Foss.

Read the full article – here… https://www.scmagazine.com/home/security-news/whats-really-changed-three-years-after-equifax-breach/