My Authors
Read all threads
Alright, so let's answer this. First I assume you're talking about Susan Mauldin who was the CSO (not CIO) of Equifax at the time of the 2017 breach. She did indeed have a music degree, actually 2 (BA and MA). And I have no problem with that fact in and of itself. 1/
Degrees matter little in terms of job preparedness unless it's THE thing you're claiming prepares you for a role. As your experience grows, the need to rely on the educational components of a degree are lessened. By the time someone reaches an executive level, it's in many 2/
ways approaching irrelevancy. What is important is what did she do in her years of private sector work prior to Equifax. Well among other things she was a director of infosec audits and compliance at HP for 6 years. So I'd say she had some relevant experience. 3/
Both a UC Berkeley study and my own survey from the beginning of this year have found that most #Infosec professionals do not have a Cyber Security degree or a CS Degree. Some don't have any degree at all. There have been multiple high profile breeches where the 4/
executive overseeing security at the time did not hold a technology related degree yet their educational qualifications weren't questioned. Mauldin's were because some idiots on Reddit claimed she was a "diversity hire". The problem isn't the education, we actually don't 5/
know what it was at all. Was she a scapegoat? Did she elevate concerns that were ignored? Was she ineffective and influencing others? Did she not fit with the culture? Did she do everything right but an analysts mistake led to the vulnerable version of Struts remaining 6/
on the target system? We don't know any of the answers to these. So to look at her education on Linkedin and say well she had a BA in music and a Master's in Fine Arts therefore she wasn't qualified, is wholly irresponsible and misguided. So back to my answer to your 7/
question, how do I feel about her having that educational background? Well I couldn't give a shit less. What I care about is how did she do her job at HP and other companies and was it her job performance 8/
that led to the breach. Without insider info we'll never know. What I do know is that her degree is the least thing I'm concerned with. /FIN
Missing some Tweet in this thread? You can try to force a refresh.

Keep Current with Alyssa Miller - Speaking at DEFCON Career Hacking

Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!