Inflection Point: Equifax's Ounce of Prevention

Are you ready for some good news for a change?

Something inspiring about the bleak cyber risk landscape we live in?

Jamil Farshchi, the current CISO at Equifax, recently said he got an advance warning from CISA about a major cyberattack that was going to be launched by a powerful ransomware gang against his company in 124 hours.

He said that the warning “…wasn’t a general ‘heads-up.’ The intelligence was exacting. The insights were concretely actionable.”

After talking with CISA, Farshchi was given even more details about the cyber criminals by the FBI.

Farshchi said their next step was to tune their defenses against the expected attack and wait.

And the cyberattack unfolded just as he was warned it would.

The best part of all? Nothing bad happened.

Farshchi says it was the CISA alert that was the critical success factor.

Then he said something really encouraging: “[This] isn’t some special access program for a select group of companies. Anyone can take advantage of it: You just need to engage.”

OK, so how do you do that?

It’s actually very straightforward: Introduce yourself to the local CISA and FBI reps and build a working relationship with them.

You’ll find their contact info here:

https://www.cisa.gov/audiences/industry

https://www.fbi.gov/contact-us/field-offices

Are you going to reach out? Why or why not?

Hit comment and let me know. I read every comment you post.

-Kip

P.S. Please tag someone in this “Inflection?Point” you care about.

Current Podcast Episode: “How Identity Really Works on the Internet Today”

https://cr-map.com/podcast/131/

What does identity on the Internet mean? What does the failure of identity cost us? Do we need to make any changes to the way we do digital identity? Let’s find out with our guest, Jeff Reich , Executive Director of the Identity Defined Security Alliance (IDSA). Your hosts are Kip Boyle , CISO with Cyber Risk Opportunities LLC Risk Opportunities, and Jake Bernstein, CISSP, CIPP/US Bernstein, Partner with K&L Gates K&L.

IDSA Website

Jeff Reich on LinkedIn

Want to know how to quickly make your company a smaller target for cyber-attackers? See:?https://www.cr-map.com/

My best-selling book "Fire Doesn’t Innovate: The Executive's Practical Guide to Thriving in the Face of Evolving Cyber Risks":?https://www.amazon.com/Fire-Doesnt-Innovate-Executives-Practical-ebook/dp/B07M7KTZWX

By the way...

Know anyone who would benefit from this excellent class on what you need to know in order to work in a Security Operations Center (SOC) by John Strand ?

He just told me: “I’m teaching a pay-what-you-can SOC Core Skills class on June 12-15. This is one of the three pay-what-you-can courses I teach. You can pay $0 for this course if that is all you can afford at this time in your life. We don't need to know why you can pay $0 or more, that is up to you.”

https://www.antisyphontraining.com/soc-core-skills-w-john-strand/

Kip Boyle is a husband, dad, entrepreneur, and experienced cyber risk manager. He founded Cyber Risk Opportunities LLC in 2015, after seven years as the CISO of PEMCO Insurance in Seattle. As a captain on active duty in the US Air Force, he served in the Combat Archer and F-22 Stealth Fighter programs where he was the director of enterprise network security. These days, he serves as virtual chief information security officer for many customers, including a professional sports team and fast-growing FinTech and AdTech companies. Over the years, Kip has built teams by interviewing hundreds of cybersecurity professionals. And now, he’s sharing his insider’s perspective with you!

Connect with Kip on LinkedIn

Visit Cyber Risk Opportunities

Download Kip's Book

Don't ever miss the opportunity for cyber resilience! Click subscribe to see our monthly newsletter in your inbox for your competitive business advantage.