MBA_635_ Case Study Equifax Data Breach.docx Case Study: Equifax Data Breach Southern

MBA_635_ Case Study Equifax Data Breach.docx    Case Study: Equifax Data Breach  Southern New Hampshire University    Compliance  When news broke that Equifax had been hacked and millions of consumers had their personal information exposed, details came out showing Equifax™s many different compliance issues. Some of the compliance issues included poor patch management, gaps in accountability among management, and outdated technology. Equifax™s many lapses in patch upgrades, even after an assessment had identified specific patches that needed to be applied, were a severe oversight that resulted in the degradation of security for their data. In response to this compliance issue, Equifax has established a procedure to, œConduct annual assessments of internal and external security risks and implement safeguards to address potential risks, such as patch management and security remediation policies, network intrusion mechanisms, and other protections (Jaeger, 2019). When the review of the security lapse showed gaps in Equifax™s organizational structure that siloed the Security Team from the IT Team, Equifax elected to œDesignate an employee to oversee the information-security program (Jaegar, 2019). By relying on a specific individual to ensure IT security is being maintained, they reinforce their organizational structure to reduce the siloing between teams. Finally, to combat the outdated technology that Equifax had relied upon previously, Equifax changed its software technology method so that they could, œMinimize its colle