PDF iconDownload This Paper
Open PDF in Browser
Add Paper to My Library
Permalink
Using these links will ensure access to this page indefinitely
Copy URL
Copy DOI

A Systematic Study of the Control Failures in the Equifax Cybersecurity Incident

MIT Sloan Research Paper No. 2020-19

25 Pages Posted: 27 Jan 2022

See all articles by Ilya Kabanov

Ilya Kabanov

Massachusetts Institute of Technology (MIT) - Sloan School of Management

Stuart Madnick

Massachusetts Institute of Technology (MIT) - Sloan School of Management

Date Written: 2020

Abstract

The Equifax data breach, announced in September 2017, occupies the top 10 charts of the largest data breaches in history. While the 148 million affected persons do not bring the event to the top, but the sensitivity of the data stolen makes it one of the most impactful incidents for consumers. The data breach has been investigated by various federal and state agencies that collected and analyzed over 45,000 pages of related documents. This research is built upon those findings and identifies the root causes of the control failures of Equifax’s cyber defense system, and determines the improvements to reduce the likelihood of future similar incidents. We reconstructed the Equifax hierarchical cyber safety control system, identified what parts failed and why, and determined the necessary improvements by applying our Cybersafety method, inspired by Causal Analysis using Systems Theory (CAST). This work demonstrates how to discover reasons for the failure of safety and security mechanisms and compose improvement actions. It also provides a set of points individuals can evaluate in their organizations.

undefined

Suggested Citation

Kabanov, Ilya and Madnick, Stuart E., A Systematic Study of the Control Failures in the Equifax Cybersecurity Incident (2020). MIT Sloan Research Paper No. 2020-19, Available at SSRN: https://ssrn.com/abstract=3957272 or http://dx.doi.org/10.2139/ssrn.3957272

Ilya Kabanov

Massachusetts Institute of Technology (MIT) - Sloan School of Management ( email )

100 Main Street
E62-416
Cambridge, MA 02142
United States

Stuart E. Madnick (Contact Author)

Massachusetts Institute of Technology (MIT) - Sloan School of Management ( email )

E53-321
Cambridge, MA 02142
United States
617-253-6671 (Phone)
617-253-3321 (Fax)

PDF iconDownload This Paper
Open PDF in Browser

0 References

    0 Citations

      Do you have a job opening that you would like to promote on SSRN?

      Place Job Opening

      Paper statistics

      Downloads
      1,104
      Abstract Views
      2,812
      Rank
      42,178
      1 Citations
      54 References
      PlumX Metrics
      Plum Print visual indicator of research metrics
      • Citations
        • Citation Indexes: 1
      • Usage
        • Abstract Views: 2735
        • Downloads: 1089
      • Captures
        • Readers: 37
      • Mentions
        • References: 1
      see details

      Related eJournals

      • MIT Sloan School of Management Working Paper Series

        Follow

        MIT Sloan School of Management Working Paper Series

        Subscribe to this free journal for more curated articles on this topic

        FOLLOWERS
        7,329
        PAPERS
        1,033
        This Journal is curated by:
        Michelle Hanlon at Massachusetts Institute of Technology (MIT) - Sloan School of Management

      • Electrical Engineering eJournal

        Follow

        Electrical Engineering eJournal

        Subscribe to this fee journal for more curated articles on this topic

        FOLLOWERS
        146
        PAPERS
        17,665