Don't blame Panera Bread's security guy just because he used to work at Equifax

The Panera Bread incident is a classic example of how to NOT handle a security , and there are definitely lessons other companies can learn from Panera Bread’s catalogue of mistakes.

However, I was disappointed to see so many wise security owls, on social media or their personal blogs, hooting over the fact that one of the Panera Bread security staff involved in the story used to work at Equifax.

[Image: LinkedIn job history listing Equifax and Panera Bread]

Yes, that Equifax. The one which was revealed to have been hacked last year, putting the details of hundreds of millions of consumers at risk.

It’s pretty ugly to beat up a particular named individual (I’ve redacted his name above) because a company he used to work at had a serious security breach four years later.

In fact, I feel it’s pretty lousy to race to blame Panera Bread’s IT security team at all.

Are we really sure of the facts? Can we say with confidence that it’s them who are ultimately to blame for the hapless response to a serious security failing?

Or might there be some fault higher up in the company, which may not have given the IT security team the resources and wherewithal to determine where their efforts are best placed and fix what is so clearly broken?

All I’m saying is this: It’s not always easy to be the guy responsible for securing a company, but it’s pretty simple to pillory someone without knowing all the facts.

To hear further discussion of the Panera Bread security breach, check out this episode of the “Smashing Security” podcast.


About the author, Graham Cluley

Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon’s Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and gives presentations on the topic of computer security and online privacy.

Follow him on Twitter at @gcluley, Google Plus, Facebook, or drop him an email.
