Posted on 09/15/2017 12:49:39 PM PDT by afraidfortherepublic
When Congress hauls in Equifax CEO Richard Smith to grill him, it can start by asking why he put someone with degrees in music in charge of the company’s data security.
And then they might also ask him if anyone at the company has been involved in efforts to cover up Susan Mauldin’s lack of educational qualifications since the data breach became public.
It would be fascinating to hear Smith try to explain both of those extraordinary items.
If those events don’t put the final nails in his professional coffin, accountability in the U.S. is officially dead.
Equifax “Chief Security Officer” Susan Mauldin has a bachelor’s degree and a master of fine arts degree in music composition from the University of Georgia. Her LinkedIn professional profile lists no education related to technology or security.
This is the person who was in charge of keeping your personal and financial data safe — and whose apparent failings have put 143 million of us at risk from identity theft and fraud. It was revealed this week that the massive data breach came due to a software vulnerability that was known about, and should have been patched, months earlier.
(Excerpt) Read more at marketwatch.com ...
Not being in that field and trying to remain objective, I agree with that concept. I know how corporate decisions get made and have no doubt this dynamic could have played in.
Strange thing is, if I remember accurately, Equifax had a problem in 2016 too.
At what point do they finally admit they MUST clamp down on security.
The really bad thing is, they have everyone’s data. None of us have to be involved at all in tracking our credit numbers. The date is still in their files, and subject to access by nefarious rogue people who have the smarts to do it.
IMO < people like this should be put away for life. They stand to screw up hundreds of millions of people’s lives (potentially), and that makes them unfit to be roaming free.
You are both wrong. Hire for management, hire team and trust team to do work. Worst thing is a micromanaging manager that thinks they know the work, yet haven’t done it in years. I train program and project managers and this is a recurring problem and shortcoming of many job reqs. You want a manager, you hire a manager, you want an engineer, you hire an engineer. These are two very different skill sets.
Oh no, here we go. :)
Well I hope this story doesn't end in a clef-hanger.
BS. You don’t hire music majors to run data security at Equifax. That doesn’t even pass the laugh test.
[ Well I hope this story doesn’t end in a clef-hanger. ]
If so, we’ll be trying to save “FACE” on a “Major scale”.
Maybe they thought “Minor”ity people were excluded with Every Good Boy Does Fine.
And then it fell Flat.
I’m not saying her security team must have a stellar educational background. Still, it wouldn’t hurt. As I alluded to earlier, at each management level, you need to be able to describe your process and make it clear you did your best to avoid problems.
How do you as mid a mid level manager justify hiring someone without a degree to lead a Security Department? The department manager’s qualifications would come into focus during any investigation. There’s enough blame to go around if the person does have an immaculate record, but if they don’t have a top level degree and resume, how can you expect the board or your supervisor to back you?
A good hire for direct hands on security could easily be someone without a degree, if they had 15-20 years management in the field, coping with similar concerns, with no major breaches, and also exemplary forward thinking objectives and goals.
Equifax is a top level concern, one of perhaps two or three major vendors in the field. This level of this enterprise demands absolute top rated talent.
Thanks for the comments. I agree with some of the things you mention.
My son is plugged into a little bit of the “dark web” so to speak and tells me that the underground rumor (which usually turns out to be true with his contacts) is that the admin user name and password was “admin”. Wouldn’t surprise me in the least.
Ping. Puns galore.
Who did Equifax outsource the work to? I heard it was Infosys.
“...is that the admin user name and password was “admin”.”
That is REALLY hard to believe.
They probably used “password” for the password.
did she sell stocks too before the announcement to the public?
Whatever you want to believe. You’d be surprised at how many music majors there are in IT.
Whatever you want to believe. You’d be surprised at how many music majors there are in IT.
As a poster on another site indicated. She has the primary qualification required in corporate America these days- a vagina.
Yes, we have to put up with the BS artists in IT. Don’t remind me.
Some people might think it is A minor issue, but the key is to C this through to the end.
Who does Equifax think it is, Gm?
Better than an H1B from India any day.
“But... but... music is like math, right?”
It kind of is. I knew basic fractions when I was four because of music.
And I was a Music major. We’re not bad or incompetent people. :)
What I **DON’T** see here is a CISSP or GIAC, or even a PMP. . .
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.