Lessons Learned On The 1 Year Anniversary Of The Equifax Breach
John Iannarelli retired from the FBI after more than 20 years of service, during which time he was a member of the FBI SWAT Team and participated in the investigations of the Oklahoma City Bombing, the 9/11 attack, the shooting of Congresswoman Gabrielle Giffords, and the Sony hack. Among his many FBI assignments, John previously served in Washington, D.C. as the FBI National Spokesperson and later on the Executive Staff of the FBI Cyber Division. He was a Squad Supervisor before becoming the Assistant Special Agent in Charge of the FBI’s Phoenix Division, the number two position overseeing all Criminal, Cyber, and Counterintelligence investigations throughout Arizona. During his FBI tenure, John was also the recipient of the FBI’s Director’s Distinguished Service Award, for which he was selected from the ranks of the Bureau’s 35,000 employees.
A former San Diego Police Officer and a graduate of the University of San Diego School of Law and international studies at Oxford, England, John is an also attorney admitted practice of law in California, Maryland, and the District of Columbia. In addition, John is the recipient of an Honorary Doctorate of Computer Science in recognition of his contributions to the field of cyber investigations. An engaging and entertaining Certified Speaking Professional ® _who was profiled in Forbes, John is the author of four books, including Why Teens Fail and What to Fix, a parent’s guide to protecting their children from Internet predators and other dangers, Information Governance Security about how businesses can protect their important information from loss or compromise and How to Spot A Terrorist Before It’s Too Late, a guide to help people recognize and prevent terrorism before it can occur. His soon-to-be-released fifth book, Disorderly Conduct, examines the lighter side of law enforcement and the humorous moments during John’s FBI career.
John is a frequent on-air contributor for the national news media, including the Fox News Channel and CNN, and provided live on-scene coverage from Las Vegas of the Mandalay Bay shooting as it occurred. John is now a highly sought-after keynote speaker, known for sharing his intriguing insights combined with his sense of humor. He has presented to numerous Fortune 500 companies, domestic and international audiences, the United Nations, and the Vatican, where he has personally met on several occasions with Pope Francis.
Unbelievably, the Equifax data breach event occurred between May and July 2017, yet Equifax waited six weeks before its public disclosure on September 7, 2017. But it gets worse, as one month later Equifax announced that its data breach event included an additional 2.5 million individuals and then in March 2018, Equifax found an additional 2.4 million people bringing the total number of affected individuals to nearly 148 million. The Equifax data breach event exposed Social Security numbers, Dates of Birth, addresses, and even driver’s license numbers. This means that affected consumers will have their Social Security numbers and birth dates sold and traded on the “dark web” for the rest of their lives.
So when Equifax offers 12 months or 24 months of “free” credit bureau monitoring – it is essentially worthless as ID theft criminals typically sit on stolen information for 12 to 24 months before they begin to use it for fraudulent purposes. As we recognize the one-year anniversary of this historic September 7, 2017, public disclosure of the Equifax data breach event, I have listed below some lessons learned for consumers:
- Credit bureau monitoring provides a false sense of security and cannot prevent individual consumers from becoming a victim of ID theft
- Credit bureau monitoring cannot alert consumers to non-financial ID theft such as taxpayer ID theft/refund fraud, medical ID theft, and credential (e.g. driver’s license or passport) ID theft
- Consumers underestimate the possibility of becoming an ID theft victim and do not realize how labor and time-intensive recovering from identity theft is
At the same time, here are some lessons learned for Equifax:
- The Equifax CEO, CIO, and CSO were not forced to resign (or “retire”) because Equifax experienced a data breach event, they resigned because of their failed management response to its data breach event
- If Equifax, a business centered on securing our most sensitive personal information – with more financial and IT resources than most business sectors cannot prevent a data breach from happening – what leads other businesses to believe they can?
- But it’s not just Equifax, as the two other major credit bureaus (Experian and TransUnion) along with the top 10 banks and health insurance companies in the U.S. have all experienced data breaches
Based on new privacy laws and the current regulatory landscape including GDPR (General Data Protection Regulation), the new California Consumer Privacy Act of 2018, and the recently revised 50 state notification laws – now is a good time to understand what consumers and businesses should do to protect yourself, your family, your employees, and your customers. Mark Pribish is VP and ID-theft practice leader at Merchants Information Solutions Inc., an ID theft and data breach risk management firm based in Phoenix, AZ.
- Key vulnerabilities to your business by using a computer
- How to avoid becoming a cyber victim
- What to do if a cybercriminal does attack
Course Level - Basic and Intermediate
Who Should Attend
Anyone who has access to a computer will benefit from this presentation and aid in keeping the company safe.
Why Should You Attend
The Equifax breach impacted one-third of the U.S. population, but are we any better off than before? If you don’t understand the threats you cannot protect yourself. This course will introduce you to the threats most likely to impact you and your business and provide solutions as to how to avoid becoming a victim.
Are we better prepared and better protected?