Search

Page

Onsite Training

Page

San Antonio Training Center

Page

Columbia Training Center

Address and Directions Focal Point Academy’s Columbia training facility is located at 8890 McGaw Road, Suite 200, Columbia, MD 21045.…
Page

Focal Point Academy Training Amenities

Focal Point Amenities Check out each of our training facilities, including nearby hotels and restaurants, or learn more about your…
Insight

The Equifax Settlement and Increasing Standards of Care Requirements

In September of 2017, Equifax, the largest of the three main credit reporting agencies, announced a data breach that exposed the personal information of 147 million consumers – almost 50% of the U.S. population. Due to a known, unpatched security vulnerability, hackers were able to gain access to a magnitude of unencrypted private consumer information, including names, Social Security numbers, dates of birth, credit card numbers, addresses, and even driver’s license numbers. More than two years after the breach was reported, Equifax has now reached a $575 million global settlement (with the potential to reach $700 million) with the Federal Trade Commission (FTC), the Consumer Financial Protection Bureau (CFPB), and the 50 U.S. states and territories. Based on the agreement, Equifax will allocate $175 million to the 50 U.S. states and territories, $100 million to the CFPB, $300 million to a fund that will provide credit monitoring services for affected consumers, and an additional $125 million fund in the event the initial $300 million is not enough to compensate consumers for their losses. In addition to paying restitution to the millions of victims of the data breach, Equifax also agreed to provide seven years of free assisted identity restoration services and six free credit reports each year for seven years. However, financial remedies are only part of the Equifax settlement agreement. Since the FTC alleges that Equifax violated the FTC Act and the Gramm-Leach-Bliley Safeguards Rule (GLBA) by failing to defend sensitive consumer data, the company is required to implement a comprehensive information security program. The program must be maintained for 20 years and protect the security, confidentiality, and integrity of consumers’ sensitive personal information This court ruling by the FTC against Equifax is only the beginning of the increased “Standards of Care” required for an organization’s cybersecurity program. As more organizations fall victim to a data breach and become involved in lawsuits or face regulatory actions, the courts will turn to this care benchmark to measure the organization’s practices to determine liability, fault, and punishment. Implementing these minimum Standards of Care set out by the FTC and updating your cyber insurance policies to include some, if not all, of these requirements, will help protect your organization in the wake of an incident. In Part 1 of our series tracking popular settlement actions and court cases, we’ll take a closer look at the specifics of the information security program required for Equifax and how these requirements may enhance your company’s security program as well.
Person

Christopher Jurs

Chris Jurs is the Vice President of Cybersecurity and Data Privacy at Focal Point.
Service

Application Developer

Chris is a junior-level web developer who wants learn new coding languages, so he can expand his skillset.
News Article

Focal Point Wins Identity Excellence Award for Innovative Vendor Access Solution

Focal Point today announced it received Ping Identity’s coveted Identity Excellence award in the “Better Together” category.
Insight

Automating Manual Processes at a Fast-Paced Healthcare Company

A fast-paced healthcare company engaged Focal Point to assist with automating their various manual processes. The Company’s manual processes presented…
New Search