Directly after a data breach, security executives might look for new tools or technologies to implement in their business. According to cybersecurity leader Jamil Farshchi, the real priority lies within organizational culture.
Equifax Chief Information Security Officer (CISO) Jamil Farshchi has worked on the frontlines of cybersecurity throughout his career, joining Home Depot and then Equifax after cyberattacks compromised enterprise data and rebuilding the organizations' security programs.
In a session at the inaugural NSF Information Security Symposium: Compliance vs. Attack, Farshchi sat down with NSF International Strategic Registrations Director of Information Security Tony Giles to discuss lessons learned from his experiences on the cyber battlefield.
Farshchi credits his team's success defending against three to four million security threats daily to a focus on organizational culture. Specifically, an enterprise organization needs to foreground security from the ground up in order to successfully defend against the magnitude of threats facing businesses today.
"If you don't have the organizational culture outside of the security program, for example with the technology and the executive leadership team, you are going to underperform," says Farshchi. C-suite buy-in and partnering with the technology side of an organization can better ensure enterprise security by training more eyes to watch for threats and implementing a shared responsibility model.
When enterprise organizations experience a data breach, Farshchi often fields calls from other CISOs seeking industry knowledge. He says that when he emphasizes the importance of a security-first culture, many security executives have viewed it as a lower priority directly after a breach. That should change, according to the cybersecurity professional.
The reasons for prioritizing culture after a breach are two-fold, says Farshchi. "[A focus on security-minded culture] generates by far, in my opinion, the best upside, and it positions you for a sustainable program that's going to be able to manage that risk," he says. "The other reason is because culture takes forever to implement and change throughout the organization, particularly if you're an organization of any meaningful size. And so you've got to start that on day one."
Enterprise security leaders looking to recover after a data breach should initiate steps to implement a security focus in their organizations as soon as possible, according to Farshchi. He says that the goal of cybersecurity leaders post-breach should be to have each employee understand their role in protecting the business. "We're all responsible for security, no matter what our roles are within this organization."