Level: Between Low and Technical


Most everyone has heard of the 2017 Equifax breach and during the aftermath the narrative was pushed that it was all because of a missing patch. But it was much much more than that! The excellent House and Senate reports point out many issues and it certainly was a failure of leadership. In this presentation, I take some of the many discrete failures brought to light in these reports and line them up with their respective functional areas in the NIST CyberSecurity framework. This will highlight the cascade of failures than enabled this the breach and will hopefully get attendees to consider using this very approachable framework if they have not already done so.

With this presentation, attendees will gain a fuller understanding of this serious incident. This understanding can be used to avoid the same mistakes Equifax made and be used as a cautionary tale of what can happen to management when they fail to instruct the implementation of best security practices.


Jim Nemetz is originally from the United States and was the first kid on his block with an Atari 2600. (And the coolest until another kid down the street got an Intellivision.) He has been working in the computer/network/cyber security field for 20 years and can be frequently found on the European conference circuit.

Comments are closed.