Anmerkungen:
Nach Informationen von SSRN wurde die ursprüngliche Fassung des Dokuments 2020 erstellt
Beschreibung:
The Equifax data breach, announced in September 2017, occupies the top 10 charts of the largest data breaches in history. While the 148 million affected persons do not bring the event to the top, but the sensitivity of the data stolen makes it one of the most impactful incidents for consumers. The data breach has been investigated by various federal and state agencies that collected and analyzed over 45,000 pages of related documents. This research is built upon those findings and identifies the root causes of the control failures of Equifax’s cyber defense system, and determines the improvements to reduce the likelihood of future similar incidents. We reconstructed the Equifax hierarchical cyber safety control system, identified what parts failed and why, and determined the necessary improvements by applying our Cybersafety method, inspired by Causal Analysis using Systems Theory (CAST). This work demonstrates how to discover reasons for the failure of safety and security mechanisms and compose improvement actions. It also provides a set of points individuals can evaluate in their organizations