The headline-making Equifax data breach was one of the worst ever. Equifax exposed approximately 143 million consumers, but did not notify any of them. This data breach exposed vital information, such as driver’s license, credit cards, social security numbers, addresses, and birth dates.
According to the Ponemon Institute, which conducts independent research on privacy, data protection and information security policy, the global average cost of data breaches is approximately $3.62 million. What led to this massive data breach with Equifax and what can cannabis businesses learn from this?
Cannabis businesses already have a lot of negative biases working against them from various industries and institutions. While there has been a lot of progress, there is still a lot of room for improvement, starting with the banking system. But that’s another topic for another time. The point is not to procrastinate or wait to disclose if your business suffered a breach.
Meanwhile the official Equifax Twitter account repeatedly and mistakenly sent people to a fake phishing link (securityequifax2017). The fake site was a spoof set up by a software engineer, Nick Sweeting, just to show how easy it was to fool people.
In the event of a cyberattack or data breach, make something available for your customers to check to see if their information was exposed on your main site; don’t confuse them with a secondary domain they’ve never seen before. It doesn’t help things and it makes it super easy for cyber attackers to set up a site to deceive your customers.
Is there a silver lining? The saying goes that every cloud has a silver lining, but it may not be that easy to find it in this instance. Over 143 million consumers have been breached. The worst part is that Equifax could have easily avoided it. By simply applying NIST’s Cybersecurity Framework, Equifax could have protected their data. By misdirecting and delaying disclosure, we can see that there is definitely an alarming lack of care and concern. Another investigation is underway by the Federal Trade Commission. Security is serious business. This is where cannabis firms want to take heed and learn.
Michelle Drolet is founder of Towerwall, a woman-owned cybersecurity and cannabis compliance services provider in Framingham, Mass., with clients such as CannaCare, Smith & Wesson, Covenant Healthcare and many mid-size organizations. She can be reached at [email protected].
Your email address will not be published. Required fields are marked *
Name *
Email *
Website
Save my name, email, and website in this browser for the next time I comment.
Comment *
Notify me of follow-up comments by email.
Notify me of new posts by email.
Δ
Saturday marks marijuana culture’s high holiday, 4/20, when college students gather — at 4:20 p.m. — in clouds of smoke on campus quads and pot shops in legal-weed states thank…
The state budget that’s expected to be adopted in the coming days calls for repealing the potency tax on marijuana products as well as new regulations intended to give local municipalities, including…
SEATTLE (AP) — Saturday marks marijuana culture’s high holiday, 4/20, when college students gather — at 4:20 p.m. — in clouds of smoke on campus quads and pot shops in…
Significant adjustments have been made to Connecticut House Bill No. 5150, the omnibus cannabis/hemp legislation that is waiting to be taken up by the full House. An amended version of…