Home SecurityData Breach 7 security incidents that cost CISOs their jobs

7 security incidents that cost CISOs their jobs

by ethhack

CISOs can leave their job for any number of reasons, but a breach or other security incident often hastens their departure. 

According to Radware’s 2018 State of Web Application Security report, 23% of companies reported executive firings related to application attacks. US companies were more likely to say execs were let go after an incident, as were companies in the technology or financial services sectors.

While the CISO is not always let go — Kaspersky reports that  senior non-IT employees are laid off at 27% of enterprises (those with over 1,000 employees) that suffer a breach – their positions can often be at risk if there were clear security failures. A Nominet survey of over 400 CISOs in the US and UK conducted by Osterman Research found that 6.8% of CISOs in the US and 10% in UK believed that in the event of a breach they would lose their job. Just under 30% of survey respondents believed they would get an official warning.

Here are 7 major security incidents that cost security leaders their jobs in recent years. Take them for the learning opportunity that they are. 

1. Capital One

In July 2019 Capital One announced an attacker had gained access to the personal information of over 100 million customers. The bank learned of the attack months after the fact thanks to a tip-off from a security researcher. The suspected attacker, a former Amazon employee, reportedly took advantage of a misconfigured firewall. The company has said it expects the incident to cost it between $100 million and $150 million — mainly for customer notifications, credit monitoring and legal support — in 2019 alone.

In November the Wall Street Journal reported that Capital One had replaced Michael Johnson, the firm’s CISO since 2017, with the company’s CIO, Mike Eason, while it looks for a full-time replacement. Johnson continues at Capital One as an advisor focused on helping direct the bank’s response to the data breach.

Source link

Related Articles

Leave a Comment