Jake Williams @MalwareJake, 8 tweets, 2 min read
Equifax moved the IT security team out from under IT due to "fundamental disagreements." This is highlighted as a shortcoming in the report, but infosec shouldn't be under IT. Imagine if your internal audit group were subordinate to the group it was auditing. 1/n
The report goes on to discuss moving infosec back under IT. Again, in the vast majority of cases this is the wrong answer. If we are all holding hands around the campfire, then maybe this works. In the real world, it only works when the right personalities are in place. 2/n
This is why we need subject matter experts writing these reports. During the testimony, Committee members became fixated on the fact that IT and infosec were in different orgs. They then drew inferences from the fact that IT referred to infosec for answers (and vice versa). 3/n
But shouldn't we expect this? Infosec performs two major work roles for an organization: architecture and audit. Architecture helps IT design secure systems and audit helps find issues (both through periodic testing and real time monitoring). 4/n
The whole Enron event went down because Enron was in bed with their auditors. It's hard to not see where the corporate organizational structure recommended in this report can go very wrong. I've seen it first hand (repeatedly). 5/n
This portion of the report claims that separating IT and infosec created an "accountability gap." It created a distribution of work, but each team was "accountable" for its own work roles. Obviously communication between groups was a serious issue. We shouldn't downplay that. 6/n
What I read here is that Equifax, like so many other firms we've worked with for incident response, had a toxic relationship between IT and infosec. Combining the groups does nothing to fix your culture problems. I've seen it tried - without replacing leadership, it fails. 7/n
There's a lot of great information in the report that's never been publicly available (at least not in this format). But there are big misunderstandings in this report too. I believe the root cause is that non-SMEs are interpreting complex topics without true understanding. 8/8