article

Inside the Equifax Fallout: Painful Takeaways, Future Regulation, and the Partner’s Role

Shutterstock

Data Breach

… U.S. data compliance. Simberkoff says she can envision a future U.S. where customers prioritize data privacy and security when picking out vendors. And this attitude will be driven by laws that incentivize stronger data policies and infrastructure and punish the opposite.

She says companies like Equifax that handle massive amounts of data deserve that kind of scrutiny.

“The world seems to be moving forward stricter, sterner measures toward companies that don’t put good controls in place,” she said.

“And quite frankly, I don’t think there’s much of an excuse not to do it. When you’re a custodian of somebody’s else’s information, you have an obligation to have it … they have data about citizens that we don’t necessarily give consent for them to have. They just get that. They have a right to get that data because of the nature of what they do. And to me, that creates a higher obligation for them to protect it.”

Partners

It is a more and more accepted fact that small and medium-size businesses are just as targeted as large companies like Equifax. One study by Verizon says SMBs account for 61 percent of breach victims.

Simberkoff says the Equifax breach makes life more difficult for small businesses, namely because of an “erosion of trust” that comes from consumers hearing about large-scale security failures. She says SMBs also need to address their customer information protection protocols because of how data is being commoditized in today’s society.

“No matter what the line of businesses you are in, the economy is being fueled by personal information, by the data that you hold,” she said. I think almost all businesses today are in some manner digital businesses, and that’s why breaches and identity theft are increasing.”

And in this data-driven world, partners can help guide businesses that lack significant in-house IT resources. Simberkoff says partners and their customers should adapt the “best practices and principles of good data governance and good data life-cycle management” with the same fervor as large enterprises.

“One clear message that this should send to smaller businesses and the partners that support them is that you cannot protect everything from everybody, so you need to understand what is important to protect,” she said. “To do that, you need to understand the data that you hold.”

Pages: Previous 1 2 3


Leave a comment

Your email address will not be published. Required fields are marked *

The ID is: 61643