Susan Mauldin: Equifax CISO (Update: “Retired” Effective 9/15)
UPDATE: On September 15 (Friday), Russ David Ayres, Senior IT Manager at Equifax, was named to take over Susan Mauldin’s position, at least in the interim.
Susan Mauldin was the Chief Information Security Officer (CISO) at Equifax Inc when the massive data hack occurred.
She has been with Equifax as CSO / CISO since 2013. She was previously Senior Vice President and Chief Security Officer at First Data Corporation, until July 2013. Mauldin was SunTrust Banks’ Group Vice President from 2007 to 2009. It is still unconfirmed whether her stint at SunTrust was in fact overseeing call-center operations.
Mauldin’s education credentials include a bachelor’s degree in music composition (magna cum laude) and a Master of Fine Arts degree in music composition (summa cum laude), both from the University of Georgia.
In March 2016, Equifax CISO Susan Mauldin was interviewed on camera by the CEO of the big-data company Cazena.
UPDATE: The videos featuring parts of an interview with Susan Mauldin, which were embedded on this page, have been taken down as of the afternoon of September 10.
https://www.youtube.com/watch?v=3O-VB09IdHU
https://www.youtube.com/watch?v=w_2ABbwSYbsThe audio-only version of the interview that was publicly available on Soundcloud has also been scrubbed from the web.
A partial transcript of her remarks during the interview have been archived for posterity by a third party. http://archive.is/6M8mg
UPDATE: On September 15, late Friday evening, jlgaddis was able to provide a link to a copy of one of the videos. And a commenter farther down this page also contributed this copy uploaded to YouTube. It is one of the two known video clips of the Cazena interviews with Susan Mauldin where she talks about the role of a CISO.
https://www.youtube.com/watch?v=vUskCtFOKdg
Susan Mauldin’s old and current LinkedIn pages in Google search results as of 9/9/2017
Mauldin’s original LinkedIn page was on this url before it was made completely private:
linkedin.com/in/susan-mauldin-93069a (now a 404 page not found)
The page reappeared a few days after the news of the data hacking broke, with a different url and with the specific detail that her degrees were in Music Composition removed. Her surname Mauldin was also replaced with the initial letter M.
linkedin.com/in/susan-m-93069a
Among the skills touted on her LinkedIn page: Data Center, IT Solutions, PCI DSS, IT Service Management, IT Outsourcing
During her employment with First Data Corporation in Atlanta, she was identified with the following titles:
* Senior Vice President, Enterprise Security, Risk and Compliance
* SVP Enterprise Information Security, Risk & Compliance
Her title at Hewlett Packard (HP) appears to have been Senior Director of Information Security and Audit Compliance.
Below is a recent Equifax job ad for a Vice President of Cybersecurity under the Global Chief Security Officer, also known as Chief Information Security Officer.
According to this job ad, the VP of Cybersecurity will be reporting to the Global CSO / CISO.
David “Dave” Webb is chief information officer for Equifax, where he is responsible for leading a global team of IT professionals in delivering the technology strategy as well as support for the company’s consumer and business solutions. He joined the company in 2010.
Webb earned a bachelor’s degree in Russian from the University of London and a master’s degree in business administration from the J.L. Kellogg Graduate School of Management at Northwestern University.
UPDATE: On September 15, Dave Webb was reportedly replaced by Mark Rohrwasser in his role as Equifax CIO.
More: 2011 video of EFX’s Trey Loughran giving advice to those whose personal data have been hacked
http://imgur.com/a/f62Nz
Thanks for the tip!
Posted here. https://www.hollywoodlanews.com/equifax-cio-replaced-security-expert-tech-speaker/
Incompetence at its best. D Webb and R Smith should be fired immediately.
The live interview is still available at http://embed.wistia.com/deliveries/18786eb50f9372f0996785bd30c86c9381e524ad.bin
Sorry we belatedly found your comment. Akismet had placed it in the spam folder.
Thanks for sharing!
Summa Cum Laude and not a note to hear or read online? Golly, that’s not peculiar, is it.
So neither one of them knew a doggone thing about computers or cyber security. A woman with a music degree in charge of cyber security, brilliant.
Reeks of a diversity hire, maybe even a trophy diversity hire.
Diversity is our strength here in progressive corporate America.
Someone without a degree-related corporate job… hey! Did you know that Amazonian megabiodiversity is being destroyed? SOLD to a Chinese company? #SaveYasuní Did you know that the widow of Nobel of Peace is still captive after her husband’s hastily arranged funeral? #FreeLiuXia
Music to first job in tech. Makes perfect sense.
Here’s an interview on youtube of Susan Mauldin talking about the challenges she faces as CISO.
They let her retire which is nice of them and she is not fully at fault rather all the fat cats around here are more so. They make billions off of our information, but chose not to put almost of all that towards keeping it safe?
Overall socials can no longer be used for private identification. A change needs to happen and it needs to happen now!
So the CISO had a degree in music and the CIO a degree in Russian?
Prime example of “It’s not what you know…It’s who you know!”
First Data has a few leaders with music/arts degrees. Diversity vs qualification?
I don’t think people realize, THIS WAS THE SECOND HACK IN FIVE MONTHS!
I don’t question the ability of people to move into different areas – I spent an entire career reinventing myself. The amount of time it took Susan to crack the C-Level is interesting given the level of competition I observed in my 20 years of InfoSec experience.
Stumbled across this thread. I’ve been trying to find a copy ofthe interview where she, no lie, described her work as being like “Captain Kirk fighting the Borg.” If anyone has a copy of the video, please contact me.