Equifax Inc.'s hack shows pressure on corporate boards to step up cyber risk oversight.
Its settlement with the Federal Trade Commission, announced July 22, requires the credit rating company to pay up to $700 million, conduct annual assessments of security risks, and have the board annually issue compliance certifications.
Equifax has revamped its board’s system for monitoring cyber risks since the 2017 hack that exposed personal information of more than 140 million people and forced the company’s CEO to step down. The board has also added three new members with backgrounds in cybersecurity, technology, and data and analytics.
That makes ...