Hacker News new | ask | show | jobs
by subie 3205 days ago
Equifax's Chief security officer may have had a lack of knowledge in the domain she was hired for(A very important role).

They ignored security warnings from Apache and now we have the fallout from the breach. So did the CSO's lack of security knowledge aide in the breach? If so that is on Equifax for hiring her into that role.
1 comments
floatingatoll 3205 days ago
I'm unable to follow your logic here, as there's a missing component of the explanation.

How does the CSO's multiple degrees in Music convey a lack of knowledge in the domain she was hired for?

It doesn't, because there's no information to derive there. I believe you are attempting to construct an argument that says that an offtopic degree disqualifies her to be a skilled practitioner by default.

This is wrong. The topic of someone's degree has no implicit bearing on their work experience before and after it.

LinkedIn shows endorsements by tens of people at each of her jobs in the specific labels "Information Security", "Disaster Recovery", and "Business Continuity". By that basis, she is perfectly qualified to handle this breach.

Unfortunately, that information - which takes up as much or more screen space on her LinkedIn page than her dual degrees - wasn't considered relevant by the OP, and is being studiously ignored for some unknown reason.

link
gaius 3205 days ago
LinkedIn shows endorsements by tens of people at each of her jobs in the specific labels "Information Security", "Disaster Recovery", and "Business Continuity". By that basis, she is perfectly qualified to handle this breach

LinkedIn endorsements are as meaningful as Facebook likes.

link
floatingatoll 3205 days ago
Of course her LinkedIn profile does not correctly reflect her experience and qualifications.

Yet here we are, on Hacker News, with people calling her out for not having security experience based on her LinkedIn profile having an Art degree, rather than a Science degree.

I agree wholeheartedly with you that LinkedIn is as meaningful as Facebook. We absolutely should not be here evaluating her qualifications based on her LinkedIn profile. Any conclusions therein derived would be obviously wrong, by your own point.

link
subie 3205 days ago
Nobody is outright saying she doesn't have the experience. Clearly some employees at Equifax were ignoring security vulnerabilities. The first person you look at is the CSO.

The Linkedin doesn't paint the whole picture but it could indicate something and that what's being pointed out.

This isn't an attack on a single person it's an attempt to figure out how the biggest breach of user information in history went down.

link
subie 3205 days ago
> LinkedIn shows endorsements by tens of people at each of her jobs in the specific labels "Information Security", "Disaster Recovery", and "Business Continuity"

You're right, She was qualified.

link