CyberSecurity Should Be A CEO and Board-level Priority

CyberSecurity Should Be A CEO and Board-level Priority

Fortune 500 real estate title insurer First American Financial Corp. (ticker: FAF) leaked hundreds of millions of documents related to mortgage transactions dating back to 2003.

CEOs and Boards Need to Make CyberSecurity A Top Priority

We have previously taken the position on our podcast and in this newsletter that CyberSecurity is a C-level/ Board-level issue. Companies that don’t treat it as such ought to replace their CEO and inattentive Board members. The negligence by CEOs and Boards on this issue is dumbfounding. FAF’s lack of security ranks up there with Equifax for which we hope to never see that level of negligence again.

Documents leaked by FAF included bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images – all of which (approximately 885 million), were unprotected, available for anyone with a browser to access.

We would favor legislation that required all companies that store PII data to disclose their approach for securing that data. Unsecured PII data would be met with a significant fine.

Here is the full article as reported by Krebs security: click here

From DeepFakes to Fake Facebook Accounts to Handing Thieves the Keys

Our previous article – “F for Fake” – covered DeepFake technology and included video examples. DeepFake technology is highly sophisticated. The type of “Bot” fakery one finds on Facebook (see below), is a level or two down from a technology sophistication standpoint. Here in the case of FAF, no skills are required by would be bad actors – only Internet access. We have to be better about protecting personal data.

Facebook fake accounts removed. More than 2 billion in calendar Q1’19.