{"id":6369,"date":"2025-12-31T07:00:00","date_gmt":"2025-12-31T07:00:00","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=6369"},"modified":"2025-12-31T07:00:00","modified_gmt":"2025-12-31T07:00:00","slug":"equifax-europe-ciso-notorious-breach-spurred-cybersecurity-transformation","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=6369","title":{"rendered":"Equifax Europe CISO: Notorious breach spurred cybersecurity transformation"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>The 2017 Equifax\u00a0breach\u00a0was\u00a0<a href=\"https:\/\/www.csoonline.com\/article\/534628\/the-biggest-data-breaches-of-the-21st-century.html\">one of the biggest security incidents of the 21st century<\/a>. A textbook data leak case, the <a href=\"https:\/\/www.csoonline.com\/article\/567833\/equifax-data-breach-faq-what-happened-who-was-affected-what-was-the-impact.html\">breach impacted more than 147 million people<\/a>, spawning a number of scandals and controversies, with the credit reporting agency being criticized for a range of issues, from a lax security posture to their botched response.<\/p>\n<p>The high-profile incident has proved transformational for the company. 
In the wake of the breach, the multinational company has fortified itself and now even provides advanced solutions for risk management, fraud, and compliance.<\/p>\n<p><a href=\"https:\/\/www.computerworld.es\/article\/2121033\/la-leccion-mas-importante-que-equifax-ha-aprendido-es-que-no-quiere-volver-a-vivir-un-incidente-asi.html\">Javier Checa<\/a>, the current CISO of Equifax for Continental Europe, is a computer\u00a0scientist with more than 20 years of experience in senior cybersecurity positions at various companies, including serving as information security director at El Corte Ingl\u00e9s. Checa wasn\u2019t with Equifax when the data breach occurred; he joined three years later. But he did experience the incident, which he describes as \u201cvery significant,\u201d from the outside.<\/p>\n<p>As he recalls in an interview with CSO\/Computerworld Spain, although \u201cthere had already been other similar incidents, for some reason, probably due to the type of customer and consumer information that Equifax handles, it did have a major impact on the industry at that time.\u201d Furthermore, he adds: \u201cWhile it\u2019s true that in subsequent years there have been much more serious incidents, [the Equifax breach] was a watershed moment in everything related to cybersecurity.\u201d<\/p>\n<h2 class=\"wp-block-heading\">A quick learning curve<\/h2>\n<p>Checa praises the work done by Mark W. 
Begor, Equifax\u2019s CEO since 2018, and\u00a0<a href=\"https:\/\/www.computerworld.es\/article\/2120505\/jamil-farshchi-ciso-de-equifax-la-seguridad-no-deberia-ser-un-secreto-comercial.html\">Jamil Farshchi,<\/a>\u00a0Equifax\u2019s global EVP, CISO, and CTO, who have led a complete transformation of the company at a time when it was still very badly affected both financially \u2014 it had to face $700 million in fines, compensation, and expenses to protect consumers after the data breach \u2014 and from a reputational point of view.<\/p>\n<p>On that path, the CEO\u2019s \u201cpersonal\u201d commitment to adopting the\u00a0cloud\u00a0IT delivery model\u00a0and the strengthening of cybersecurity\u00a0and trust to make the company a \u201csecurity leader\u201d have been vital.<\/p>\n<p>\u201cEquifax has invested nearly $3 billion in a complete overhaul of both our technology and security platforms,\u201d Checa says, adding that the change in the company\u2019s IT strategy is \u201ccomprehensive\u201d: \u201cBefore, the focus was more on technology, while now security is part of everything we do; it\u2019s embedded in all our processes.\u201d<\/p>\n<p>The company\u2019s CISO for Continental Europe explains that Equifax has built its strategy on the NIST Cybersecurity Framework and its Privacy Framework, which focuses more on the issue of privacy risks and the protection of personal information.<\/p>\n<p>\u201cWhere are we now?\u201d he asks. 
\u201cWe\u2019re in a happy place because we\u2019ve already completed the transformation of our infrastructure to the\u00a0cloud\u00a0model.\u201d<\/p>\n<h2 class=\"wp-block-heading\">Cloud\u00a0as a new technological axis<\/h2>\n<p>Equifax\u2019s $3 billion migration to\u00a0the cloud, \u201cwhich had been brewing for about seven years\u201d and which the company says is the largest technological investment in its history,\u00a0has involved moving more than 300 systems, over 30 product families, and thousands of customers to the company\u2019s cloud platform, Equifax Cloud, in Spain alone.<\/p>\n<p>\u201cNow, in Spain, for several months now, all the applications and products we serve to our customers are delivered from the cloud,\u201d Checa says. The project, carried out with Google Cloud, has not only consisted of migrating workloads, he adds, but \u201crestructuring, reorganizing, and refactoring all our assets to truly become a\u00a0cloud-native\u00a0company.\u201d<\/p>\n<p>The impact of cloud adoption on the company\u2019s security strategy has been clear: \u201cMy security philosophy isn\u2019t just about defining a framework of controls; security must have a very important technological component directly related to simplicity. Migrating to the cloud has made it easier for us to simplify all the components and the way we develop,\u201d Checa explains.<\/p>\n<p>The European CISO adds that it has been positive for the company to \u201creduce\u00a0legacy systems\u00a0to zero,\u201d one of the biggest problems for companies with a long market history.<\/p>\n<p>\u201cNow we have a live infrastructure whose systems we update and re-platform every month, something previously unthinkable,\u201d he says.<\/p>\n<p>The company has also seen its security processes simplified. 
\u201cAligning the cloud transformation with the security changes has allowed us to implement security controls, measures, and processes that are completely aligned with all the new technology we have,\u201d he points out.<\/p>\n<h2 class=\"wp-block-heading\">360-degree safety culture<\/h2>\n<p>\u201cNow, a\u00a0security culture is part of our DNA as a company,\u201d says Checa, who works within the multinational\u2019s team of 300 cybersecurity specialists.<\/p>\n<p>But \u201csecurity isn\u2019t just the responsibility of the technology or security team, but of every employee in the company,\u201d he adds. An example of this mindset is that, \u201cas Jamil [Farshchi] often mentions, Equifax was the first publicly traded company whose employees could access a bonus that included security as one of its components; an initiative that other companies have since copied.\u201d With this, Checa asserts, the company conveys the importance of cybersecurity to its entire workforce.<\/p>\n<p>When asked about the foundations of the multinational\u2019s information security strategy, Checa doesn\u2019t hesitate: \u201cTransparency and collaboration are our cybersecurity pillars.\u201d<\/p>\n<p>The first, \u201ca commitment from the CEO himself,\u201d has been key to regaining customer trust.<\/p>\n<p>\u201cIn 2017, after the incident, we needed to win back our customers\u2019 confidence. It\u2019s important to remember that at that time the company\u2019s stock price dropped significantly,\u201d the CISO explains. 
\u201cHaving delivered on our promises is one of the reasons why the company\u2019s stock price is now even higher than before the 2017 incident.\u201d<\/p>\n<p>But there\u2019s another kind of\u00a0transparency, \u201cthe kind we demand of ourselves,\u201d Checa continues.<\/p>\n<p>\u201cJamil always says it\u2019s easy to be motivated [to be transparent] after a security incident, but the challenge is maintaining that focus over time.\u201d That\u2019s why, Checa adds, the company decided five years ago to launch an annual security report \u201cwhere we truly open our doors and provide information that few companies had previously offered, from indicators of how long it takes us to respond to an incident to the click-through rate in our phishing simulations.\u201d<\/p>\n<p>Information, he says, that has helped Equifax gain in transparency and customer loyalty. Moreover, he acknowledges, \u201cthe biggest lesson learned from the incident is the need to be transparent to regain customer trust.\u201d<\/p>\n<p>Regarding the second pillar,\u00a0collaboration, Checa is clear about its value: \u201cIn the new environment of escalating threats we live in, we understand that no one can win this battle alone.\u201d<\/p>\n<p>Therefore, in addition to sharing security information to be more transparent, Equifax publishes its list of controls so that any company can use them.<\/p>\n<p>\u201cWe publish our core security not only for the sake of transparency, but so that all companies and governments worldwide can use it \u2014 information that has taken us a great deal of effort to develop,\u201d Checa says.<\/p>\n<p>Furthermore, he emphasizes that Equifax collaborates with security agencies such as the FBI and participates in more than 30 security forums. 
\u201cWe share knowledge, collaborate with states in developing their security awareness programs, and have even helped them resolve some security breaches,\u201d he says.<\/p>\n<div class=\"extendedBlock-wrapper block-coreImage undefined\">\n<p class=\"imageCredit\">Juan Marquez | Foundry<\/p>\n<\/div>\n<p>Although the cyberattack on Equifax had an economic motive, the reasons driving cybercriminals today are highly diverse. \u201cWith the rise in geopolitical tension, new threats emerge and new actors enter the scene,\u201d explains Checa. These threats, he acknowledges, are \u201cmore complex, persistent, and sophisticated,\u201d and the actors \u201caren\u2019t really seeking short-term financial gain, but rather accumulating resources that will later facilitate other practices related to espionage, influence, and even corruption.\u201d<\/p>\n<p>According to the\u00a0<a href=\"https:\/\/assets.equifax.com\/assets\/corp\/equifax-2024-security-annual-report-sp.pdf\" target=\"_blank\" rel=\"noopener\">company\u2019s latest report, with data from 2024<\/a>, Equifax neutralizes more than 15 million cyber threats every day, which represents 175 hostile attempts every second, a 25% increase compared to 2023. \u201cWe have seen a significant increase in attacks carried out with artificial intelligence,\u201d Checa adds.<\/p>\n<p>He reflects that AI \u201chas democratized cyberattacks, and now people with less technical knowledge can carry out more complex attacks.\u201d<\/p>\n<p>Checa also mentions the rise of\u00a0deepfakes, audiovisual content that appears real but has been manipulated with AI to deceive the audience. 
\u201cTo counter this, we have migrated to an authentication platform that allows employees accessing our services to use other authentication factors, both biometric and otherwise, instead of passwords.\u201d<\/p>\n<p>AI, on the other hand, is also already a defensive weapon, although Checa urges against using it for everything in cybersecurity, or certainly not as the sole option.<\/p>\n<p>\u201cOur strategy is hybrid. AI alone isn\u2019t capable of defending everything, although it\u2019s a great help. But you can\u2019t base all your defenses on a single technology; the more controls you put in different places and the more different types of technologies you use, the better,\u201d he says, explaining that Equifax leverages various signature protection technologies, among many others.<\/p>\n<h2 class=\"wp-block-heading\">Challenges of a regional CISO<\/h2>\n<p>The CISO acknowledges that cybersecurity management at Equifax is an activity handled internally and globally, although supported by local teams.<\/p>\n<p>\u201cMy responsibility as regional CISO is to ensure that the company\u2019s security program is properly implemented at the European level and that we are able to adapt to our specific regulatory environment,\u201d he says.<\/p>\n<p>Checa welcomes the EU\u2019s regulatory push in cybersecurity. \u201cThe main regulations that affect us are DORA, as financial service providers, and NIS2, and frankly, they haven\u2019t required anything we weren\u2019t already doing; we\u2019ve simply had to adapt certain aspects.\u201d<\/p>\n<p>He acknowledges that the need to comply with regulations means that \u201cmany companies with our risk appetite can secure the necessary cybersecurity budgets,\u201d and he points out that the NIS2 regulation has not yet been transposed into Spanish law. 
\u201cBut the delay also means that the transposition is being taken with the importance it deserves,\u201d he adds.<\/p>\n<p>He further argues that regulation has led to senior management now being directly responsible for company security, which has helped place it at the heart of corporate strategy in many companies. \u201cThe most important aspect of cybersecurity regulation, beyond the streamlining of processes and controls imposed by these regulations, is its strategic alignment with senior management.\u201d<\/p>\n<p>The executive is pleased that security, especially since the 2017 incident, has a high profile among Equifax\u2019s senior management. \u201cIn fact, I, as Equifax\u2019s CISO for Continental Europe, am part of the management committee, where the budget for this matter is decided,\u201d he says.<\/p>\n<p>Regarding the evolution of the CISO role in the market in general, Checa states: \u201cI\u2019ve been working in security since 2003, so yes, I\u2019ve seen a clear change in this function.\u201d First, he recalls, because \u201cit\u2019s a role that didn\u2019t even exist before, and when it emerged, it had a primarily technical focus. Over the years, it has evolved into a more strategic company profile, more closely tied to the business. The CISO must be a communicator capable of explaining the implications of cybersecurity for the business.\u201d<\/p>\n<p>When asked about the\u00a0relationship CISOs should have with their CIOs<a href=\"https:\/\/www.cio.com\/article\/3962903\/la-convivencia-entre-cio-y-ciso-dos-cargos-al-alza.html\">,<\/a>\u00a0to whom many CISOs report, Checa says: \u201cIn my opinion, there should be a certain degree of independence between the CIO and the CISO, but every company is different. 
In our case, our global CISO sits on the global management committee; we do as well at the local level.\u201d He acknowledges, however, that from a tactical perspective, it\u2019s beneficial to have close ties with the company\u2019s IT department. \u201cBut, as I said, the important thing is to analyze each company\u2019s specific circumstances, its risk appetite, and what works best for it.\u201d<\/p>\n<p>Looking ahead, Checa states that one of his biggest challenges as Equifax\u2019s CISO for Continental Europe is \u201ccontinuing to adapt to regulatory changes and being able to anticipate and adjust to all the new threats that emerge.\u201d He adds, \u201cMy greatest commitment to the company is to be a security leader that delivers value and business. To be a differentiator. That\u2019s what truly motivates and concerns me.\u201d<\/p>\n<p>Not forgetting all the work Equifax is already doing \u2014 which Checa says he can\u2019t reveal \u2014 to be prepared for the\u00a0post-quantum era: \u201cWe have very strong internal initiatives in this regard,\u201d he says.<\/p>\n<p>Checa works, as he explains, \u201cto ensure that security truly becomes a differentiator from a business perspective, and this, of course, involves protecting all the highly sensitive information we have about our clients and consumers.\u201d<\/p>\n<p>He acknowledges that the role of CISO is \u201cvery stressful, but also very rewarding, requiring you to give your best, keep learning, and always be prepared for change.\u201d He concludes that this role must be aware that \u201cyou can never reach the final state of security with all the evolving threats, technologies, and problems that exist today.\u201d<\/p>\n<div class=\"overflow-table-wrapper\"><strong>PROFILE OF JAVIER CHECA<\/strong><a href=\"https:\/\/www.linkedin.com\/in\/javiercheca\/\" target=\"_blank\" rel=\"noopener\">Javier Checa<\/a> is a member of the board of directors of Equifax Iberia and Equifax CISO (Chief Information 
Security Officer) for Continental Europe. He joined the global credit information company in September 2021 as a senior security analyst and currently combines the role of CISO with that of security risk officer for Equifax Europe.\n<p>Checa is a professional with more than 20 years of experience in the cybersecurity field, with expertise in risk management, network security, identity management, security operations and DevSecOps. Before joining Equifax, he had responsibilities in cybersecurity at Capgemini, CGI, British Telecom and El Corte Ingl\u00e9s, where he was director of information security, leading several security programs for more than 200,000 users and 5,000 developers.<\/p>\n<p>Checa studied Computer Engineering at the Polytechnic University of Madrid and holds degrees in Data Networks Security Paradigms from the French National Higher School of Telecommunications and in Computer Aided Design of Digital Systems from the European Board of Technology Students, in addition to holding several specific certifications in the field of cybersecurity. <\/p><\/div>\n\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>The 2017 Equifax\u00a0breach\u00a0was\u00a0one of the biggest security incidents of the 21st century. A textbook data leak case, the breach impacted more than 147 million people, spawning a number of scandals and controversies, with the credit reporting agency being criticized for a range of issues, from a lax security posture to their botched response. 
The high-profile incident [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":6370,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-6369","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/6369"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=6369"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/6369\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/6370"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=6369"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=6369"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=6369"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}