Recently, Equifax Inc was target of a hack that may have affected over 143 millions of Americans. It was pointed out that the Equifax’s Chief Security Officer Susan Mauldin didn’t had a degree in Information Technology. Based on her LinkedIn profile (now removed), Susan Mauldin had a degree in Music Composition. The folks at /r/technology and other tech websites wasted no time to make fun about the former CSO being unqualified for such import position in a corporation that handles a financial and Personal Identifiable Information (PII).
Possibly, this person was unqualified to hold the position. I tried to look at her previous work experience but Susan Mauldin seems to have removed her LinkedIn profile, leaving us with assumptions and doubts. Setting the LinkedIn profile private and later removing it, makes the actions look suspicious. It may be that Equifax and Susan Mauldin want to hide something from the public. Possibly trying to cover previous work experience that indeed confirms this person was not qualified for the position at all.
Now, it has come to light that several high profile employees from Equifax sold their stocks in the company ahead of the public announcement of the security breach. This has cause the Federal Government to initiate an investigation on illegal practices.
If Equifax messed up by hiring an unqualified person, it damages the image of the organization. When they try to cover facts, it kills public’s perception of the organization. It would be great if Equifax would provide some kind of transparency to the situation.
Disclaimer: I do not believe that the lack of a IT degree makes you unqualified for a job in the industry. I know several IT professionals that hold non-IT degrees and do a great job as Engineers and CISOs. I also know one or two individuals with Computer Science degree that cannot write a “Hello World” script.