{"id":21472,"date":"2017-11-16T08:48:49","date_gmt":"2017-11-16T14:48:49","guid":{"rendered":"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/"},"modified":"2017-11-16T08:48:49","modified_gmt":"2017-11-16T14:48:49","slug":"the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach","status":"publish","type":"post","link":"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/","title":{"rendered":"The CEO\u2019s biggest blind spot \u2013 how Value Stream Thinking could have prevented the Equifax IT breach"},"content":{"rendered":"<figure>\n<div class=\"feature-image\"><img decoding=\"async\" class=\"aligncenter size-full\" src=\"https:\/\/media.planview.com\/tasktop_blog\/wp-content\/uploads\/2017\/11\/tasktop-it-security-value-stream-thinking.png\" alt=\"The CEO\u2019s biggest blind spot \u2013 how Value Stream Thinking could have prevented the Equifax IT breach\"><\/div>\n<\/figure>\n<p>A shattered corporate reputation, a CEO forced to resign, a 35 percent drop in stock prices, multiple class action lawsuits, a Congressional hearing, and more than 145 million victims. That&#x2019;s what happened to Equifax in September 2017 &#x2013; and &#x201C;value stream thinking&#x201D; could&#x2019;ve prevented it.<\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_80 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/#How_did_the_Equifax_breach_happen\" >How did the Equifax breach happen?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/#When_IT_is_the_CEOs_Biggest_Blind_Spot\" >When IT is the CEO&#x2019;s Biggest Blind Spot<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/#Value_Stream_Strategies_for_Complex_Software_Delivery_Organizations\" >Value Stream Strategies for Complex Software Delivery Organizations<\/a><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"How_did_the_Equifax_breach_happen\"><\/span><strong>How did the Equifax breach happen?<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>According to the <a href=\"https:\/\/www.pbs.org\/newshour\/nation\/equifax-hack-happened-according-ceo\">testimony<\/a> given to Congress by former-Equifax CEO, Richard Smith, the Equifax IT department had neglected to apply a security patch. This patch would have fixed a security vulnerability in <a href=\"https:\/\/struts.apache.org\/\">Apache Struts<\/a>, an open source software application that Equifax was using for its online disputes portal.<\/p>\n<p>Smith claims that on March 8<sup>th<\/sup>, the US-CERT &#x2013; which stands for &#x2018;The United States Computer Emergency Readiness Team&#x2019;, a department of the DHS &#x2013; notified Equifax and many other companies of the Apache Struts vulnerability.<\/p>\n<p>Equifax sent an internal email to the company&#x2019;s IT personnel to patch it. However, it was not patched. &#x201C;An individual did not ensure communication got to the right person to manually patch the application,&#x201D; <a href=\"https:\/\/www.nytimes.com\/2017\/10\/03\/business\/equifax-congress-data-breach.html?login=google\">said Smith<\/a>. Moreover, the company&#x2019;s automated vulnerability scans also failed to detect the vulnerability.<\/p>\n<p>Across May-July 2017, hackers exploited the vulnerability to gain illegal access to Equifax&#x2019;s systems. They obtained names, birthdates and social security numbers of more than 145 million Americans, exposing them as prime targets for identity theft.<\/p>\n<p>The CEO was first notified of the breach on July 31<sup>st<\/sup>, whereby Equifax began compiling the names of the affected people. They only announced the breach to the public, however, on September 7th. This is one example of the many outrageous things in Equifax&#x2019;s conduct following the breach, and it&#x2019;s definitely too much to unpack here. But if you&#x2019;re curious, read CSR&#x2019;s complete <a href=\"https:\/\/csrps.com\/meticulous-timeline-equifax-data-breach\">timeline<\/a>.<\/p>\n<p>But here&#x2019;s what <em>we<\/em> want to ask:<\/p>\n<p>Just how can a credit bureau of Equifax&#x2019;s size, responsible for safeguarding billions of sensitive records on Americans&#x2019; financial lives, be managing its security vulnerability patching by email? And how could Equifax not have an automated and traceable workflow for security patching?<\/p>\n<p>The answer, we think, lies in the company&#x2019;s lack of &#x201C;value stream thinking&#x201D;.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"When_IT_is_the_CEOs_Biggest_Blind_Spot\"><\/span><strong>When IT is the CEO&#x2019;s Biggest Blind Spot<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>If there&#x2019;s one thing that has become painfully clear to Equifax following the breach, it&#x2019;s this: a company is only as strong as its IT organization. And that&#x2019;s true for every company in any industry. It doesn&#x2019;t matter if you are in financial services, healthcare, government, retail or hospitality.<\/p>\n<p>To acknowledge this fact is to recognize that <strong>IT exists to deliver critical business value<\/strong>. And as such, IT requires the same meticulous attention as other core organizational functions such as sales, finance and manufacturing.<\/p>\n<p>At Equifax, that wasn&#x2019;t the case. Richard Smith had allowed IT to become a place where requests go in and you never know what happened to them. A place managed by email with no follow through. A place with poor traceability and little accountability. IT, in that sense, was the CEO&#x2019;s biggest blind spot.<\/p>\n<p>Value stream thinking could have changed all that. Because the value stream mindset understands that <em>all <\/em>your processes are designed to deliver value to the business as efficiently as possible.<\/p>\n<p>So, in the case of Equifax, where your business is keeping millions of Americans&#x2019; personal identifiable information safe so you can monetize it, the value stream includes the steps you take to keep that data secure.<\/p>\n<p>To achieve an <a href=\"http:\/\/go.tasktop.com\/Getting-Visual-Value-Stream-Integration.html\">efficient value stream<\/a> you must automate and trace the end-to-end flow of work from owner to owner, as it moves through the various phases till completion, applying value stream management principles:<\/p>\n<figure id=\"attachment_9238\" aria-describedby=\"caption-attachment-9238\" style=\"width: 871px\" class=\"wp-caption alignnone\"><img class=\"lazyload\" alt height=\"406\" data-src=\"https:\/\/media.planview.com\/tasktop_blog\/wp-content\/uploads\/2017\/11\/tasktop-value-stream-thinking.png\"><figcaption id=\"caption-attachment-9238\" class=\"wp-caption-text\">Value streams are revealed by automating the flow of artifacts across tools<\/figcaption><\/figure>\n<p>If Equifax was thinking value stream, they wouldn&#x2019;t have sent someone an email to apply the patch. Rather there would have been a process to create a task for the relevant owner to apply the patch. There would be automated alerts when 24 hours go by without the patch being applied. The alerts would clear only when the owner indicated the task as done.<\/p>\n<p>There would also be reports that measure the cycle time for security patch application &#x2013; so Equifax could see how long it takes them to apply security patches once notified, check if they&#x2019;re on target, and adjust the process if there&#x2019;s room for improvement.<\/p>\n<p>Equifax would have complete traceability of the end-to-end process &#x2013; from the moment the CERT notification was received until the patch was running in production.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Value_Stream_Strategies_for_Complex_Software_Delivery_Organizations\"><\/span><strong>Value Stream Strategies for Complex Software Delivery Organizations<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>The software delivery value stream is a tough one to manage, not least because the work is intangible. Unlike an assembly line, you simply cannot see the parts. And it surely was complex at Equifax as well, a company of more than 10,000 employees with 58 solutions and 154 products, according to their <a href=\"https:\/\/www.equifax.com\/business\/all-products\/\">website<\/a>.<\/p>\n<p>But the good news for all of us is that the end-to-end value stream can be made visible through the digital artifacts that represent the work, such as features, code, tests, defects, builds, vulnerabilities, patches and support tickets.<\/p>\n<p>By automating the flow of artifacts from tool to tool and from owner to owner, you can trace the work. You can see your value stream, manage it and optimize it. Equifax could have done this, and eliminated both the &#x201C;human error and technology failures&#x201D; that they blamed for the breach.<\/p>\n<figure id=\"attachment_9237\" aria-describedby=\"caption-attachment-9237\" style=\"width: 974px\" class=\"wp-caption alignnone\"><img class=\"lazyload\" alt height=\"734\" data-src=\"https:\/\/media.planview.com\/tasktop_blog\/wp-content\/uploads\/2017\/11\/tasktop-integration-hub_value-stream-network.png\"><figcaption id=\"caption-attachment-9237\" class=\"wp-caption-text\">Value streams are defined and visualized by automating the flow of artifacts across tools<\/figcaption><\/figure>\n<p>Discovering your software delivery value stream usually starts with a pen and paper, or more likely &#x2013; a whiteboard and marker.<\/p>\n<p>Here&#x2019;s what we recommend:<\/p>\n<ol>\n<li>Start by drawing the end-to-end flow of work. <strong>Describe the phases work goes through from inception to completion<\/strong> &#x2013; tracing the owners and the handoffs. At this point, we&#x2019;re talking high level.<\/li>\n<li>Next, go deeper. <strong>Identify the artifacts<\/strong> that get created at each stage. Artifacts are things like features, epics, stories, tests, defects, builds, releases, vulnerabilities, and support tickets.<\/li>\n<li>Now <strong>identify the tools used to store and manage the artifacts<\/strong>. Identify the statuses an artifact goes through and think about how currently those handoffs are occurring. Is someone sending an email &#x201C;I&#x2019;m done&#x201D;? Are you updating each other in status meetings? Do you need to send an instant message to your colleague or pop by her office? Is there a checklist you need to update?<\/li>\n<li>Finally, think about how you can <strong>automate the flow of information between the tools<\/strong> to eliminate manual entry, status meetings, and informal handoffs. Perhaps you&#x2019;ll discover you need some new tools, as well.<\/li>\n<\/ol>\n<p>Now, we&#x2019;re the first to admit that this is not an easy undertaking. It&#x2019;s actually quite challenging and it can&#x2019;t be done overnight. You can read about <a href=\"\/the-process-of-creating-a-process\">our own experiences<\/a> doing it right here at Tasktop.<\/p>\n<p>But it is vital, and it&#x2019;s your only choice if you don&#x2019;t want to be the next Equifax.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A shattered corporate reputation, a CEO forced to resign, a 35 percent drop in stock prices, multiple class action lawsuits, a Congressional hearing, and more than 145 million victims. That&#x2019;s what happened to Equifax in September 2017 &#x2013; and &#x201C;value stream thinking&#x201D; could&#x2019;ve prevented it. How did the Equifax breach happen? According to the testimony&#8230;<\/p>\n","protected":false},"author":223,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_editorskit_title_hidden":false,"_editorskit_reading_time":0,"_editorskit_is_block_options_detached":false,"_editorskit_block_options_position":"{}","footnotes":""},"categories":[9543],"tags":[],"class_list":["post-21472","post","type-post","status-publish","format-standard","hentry","category-value-stream-management"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.8 (Yoast SEO v26.8) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>The CEO\u2019s biggest blind spot - how Value Stream Thinking could have prevented the Equifax IT breach | Tasktop Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The CEO\u2019s biggest blind spot \u2013 how Value Stream Thinking could have prevented the Equifax IT breach\" \/>\n<meta property=\"og:description\" content=\"A shattered corporate reputation, a CEO forced to resign, a 35 percent drop in stock prices, multiple class action lawsuits, a Congressional hearing, and more than 145 million victims. That&#x2019;s what happened to Equifax in September 2017 &#x2013; and &#x201C;value stream thinking&#x201D; could&#x2019;ve prevented it. How did the Equifax breach happen? According to the testimony...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/\" \/>\n<meta property=\"og:site_name\" content=\"Planview Blog\" \/>\n<meta property=\"article:publisher\" content=\"http:\/\/www.facebook.com\/pages\/Planview-Inc\/89422974772\" \/>\n<meta property=\"article:published_time\" content=\"2017-11-16T14:48:49+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/media.planview.com\/tasktop_blog\/wp-content\/uploads\/2017\/11\/tasktop-it-security-value-stream-thinking.png\" \/>\n<meta name=\"author\" content=\"Naomi Lurie\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Planview\" \/>\n<meta name=\"twitter:site\" content=\"@Planview\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Naomi Lurie\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/\"},\"author\":{\"name\":\"Naomi Lurie\",\"@id\":\"https:\/\/blog.planview.com\/#\/schema\/person\/2914f3ce615f74715dc9fe4f03072153\"},\"headline\":\"The CEO\u2019s biggest blind spot \u2013 how Value Stream Thinking could have prevented the Equifax IT breach\",\"datePublished\":\"2017-11-16T14:48:49+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/\"},\"wordCount\":1232,\"publisher\":{\"@id\":\"https:\/\/blog.planview.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/media.planview.com\/tasktop_blog\/wp-content\/uploads\/2017\/11\/tasktop-it-security-value-stream-thinking.png\",\"articleSection\":[\"Value Stream Management\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/\",\"url\":\"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/\",\"name\":\"The CEO\u2019s biggest blind spot - how Value Stream Thinking could have prevented the Equifax IT breach | Tasktop Blog\",\"isPartOf\":{\"@id\":\"https:\/\/blog.planview.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/media.planview.com\/tasktop_blog\/wp-content\/uploads\/2017\/11\/tasktop-it-security-value-stream-thinking.png\",\"datePublished\":\"2017-11-16T14:48:49+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/#primaryimage\",\"url\":\"https:\/\/media.planview.com\/tasktop_blog\/wp-content\/uploads\/2017\/11\/tasktop-it-security-value-stream-thinking.png\",\"contentUrl\":\"https:\/\/media.planview.com\/tasktop_blog\/wp-content\/uploads\/2017\/11\/tasktop-it-security-value-stream-thinking.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.planview.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"The CEO\u2019s biggest blind spot \u2013 how Value Stream Thinking could have prevented the Equifax IT breach\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.planview.com\/#website\",\"url\":\"https:\/\/blog.planview.com\/\",\"name\":\"Planview Blog\",\"description\":\"Leading the conversation on digital connected work\",\"publisher\":{\"@id\":\"https:\/\/blog.planview.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.planview.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/blog.planview.com\/#organization\",\"name\":\"Planview\",\"url\":\"https:\/\/blog.planview.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.planview.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/blog.planview.com\/wp-content\/uploads\/2015\/06\/planview-logo-black.png\",\"contentUrl\":\"https:\/\/blog.planview.com\/wp-content\/uploads\/2015\/06\/planview-logo-black.png\",\"width\":280,\"height\":66,\"caption\":\"Planview\"},\"image\":{\"@id\":\"https:\/\/blog.planview.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"http:\/\/www.facebook.com\/pages\/Planview-Inc\/89422974772\",\"https:\/\/x.com\/Planview\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.planview.com\/#\/schema\/person\/2914f3ce615f74715dc9fe4f03072153\",\"name\":\"Naomi Lurie\",\"description\":\"Naomi Lurie is VP Product Marketing at Tasktop. She is passionate about making businesses successful through effective customer-centric communication. With over 15 years of B2B product management and marketing experience, she specializes in large enterprises and their digital transformations.\",\"url\":\"https:\/\/blog.planview.com\/author\/naomi-lurie\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"The CEO\u2019s biggest blind spot - how Value Stream Thinking could have prevented the Equifax IT breach | Tasktop Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/","og_locale":"en_US","og_type":"article","og_title":"The CEO\u2019s biggest blind spot \u2013 how Value Stream Thinking could have prevented the Equifax IT breach","og_description":"A shattered corporate reputation, a CEO forced to resign, a 35 percent drop in stock prices, multiple class action lawsuits, a Congressional hearing, and more than 145 million victims. That&#x2019;s what happened to Equifax in September 2017 &#x2013; and &#x201C;value stream thinking&#x201D; could&#x2019;ve prevented it. How did the Equifax breach happen? According to the testimony...","og_url":"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/","og_site_name":"Planview Blog","article_publisher":"http:\/\/www.facebook.com\/pages\/Planview-Inc\/89422974772","article_published_time":"2017-11-16T14:48:49+00:00","og_image":[{"url":"https:\/\/media.planview.com\/tasktop_blog\/wp-content\/uploads\/2017\/11\/tasktop-it-security-value-stream-thinking.png","type":"","width":"","height":""}],"author":"Naomi Lurie","twitter_card":"summary_large_image","twitter_creator":"@Planview","twitter_site":"@Planview","twitter_misc":{"Written by":"Naomi Lurie","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/#article","isPartOf":{"@id":"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/"},"author":{"name":"Naomi Lurie","@id":"https:\/\/blog.planview.com\/#\/schema\/person\/2914f3ce615f74715dc9fe4f03072153"},"headline":"The CEO\u2019s biggest blind spot \u2013 how Value Stream Thinking could have prevented the Equifax IT breach","datePublished":"2017-11-16T14:48:49+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/"},"wordCount":1232,"publisher":{"@id":"https:\/\/blog.planview.com\/#organization"},"image":{"@id":"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/#primaryimage"},"thumbnailUrl":"https:\/\/media.planview.com\/tasktop_blog\/wp-content\/uploads\/2017\/11\/tasktop-it-security-value-stream-thinking.png","articleSection":["Value Stream Management"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/","url":"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/","name":"The CEO\u2019s biggest blind spot - how Value Stream Thinking could have prevented the Equifax IT breach | Tasktop Blog","isPartOf":{"@id":"https:\/\/blog.planview.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/#primaryimage"},"image":{"@id":"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/#primaryimage"},"thumbnailUrl":"https:\/\/media.planview.com\/tasktop_blog\/wp-content\/uploads\/2017\/11\/tasktop-it-security-value-stream-thinking.png","datePublished":"2017-11-16T14:48:49+00:00","breadcrumb":{"@id":"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/#primaryimage","url":"https:\/\/media.planview.com\/tasktop_blog\/wp-content\/uploads\/2017\/11\/tasktop-it-security-value-stream-thinking.png","contentUrl":"https:\/\/media.planview.com\/tasktop_blog\/wp-content\/uploads\/2017\/11\/tasktop-it-security-value-stream-thinking.png"},{"@type":"BreadcrumbList","@id":"https:\/\/blog.planview.com\/the-ceos-biggest-blind-spot-how-value-stream-thinking-could-have-prevented-the-equifax-it-breach\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.planview.com\/"},{"@type":"ListItem","position":2,"name":"The CEO\u2019s biggest blind spot \u2013 how Value Stream Thinking could have prevented the Equifax IT breach"}]},{"@type":"WebSite","@id":"https:\/\/blog.planview.com\/#website","url":"https:\/\/blog.planview.com\/","name":"Planview Blog","description":"Leading the conversation on digital connected work","publisher":{"@id":"https:\/\/blog.planview.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.planview.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/blog.planview.com\/#organization","name":"Planview","url":"https:\/\/blog.planview.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.planview.com\/#\/schema\/logo\/image\/","url":"https:\/\/blog.planview.com\/wp-content\/uploads\/2015\/06\/planview-logo-black.png","contentUrl":"https:\/\/blog.planview.com\/wp-content\/uploads\/2015\/06\/planview-logo-black.png","width":280,"height":66,"caption":"Planview"},"image":{"@id":"https:\/\/blog.planview.com\/#\/schema\/logo\/image\/"},"sameAs":["http:\/\/www.facebook.com\/pages\/Planview-Inc\/89422974772","https:\/\/x.com\/Planview"]},{"@type":"Person","@id":"https:\/\/blog.planview.com\/#\/schema\/person\/2914f3ce615f74715dc9fe4f03072153","name":"Naomi Lurie","description":"Naomi Lurie is VP Product Marketing at Tasktop. She is passionate about making businesses successful through effective customer-centric communication. With over 15 years of B2B product management and marketing experience, she specializes in large enterprises and their digital transformations.","url":"https:\/\/blog.planview.com\/author\/naomi-lurie\/"}]}},"_links":{"self":[{"href":"https:\/\/blog.planview.com\/wp-json\/wp\/v2\/posts\/21472","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.planview.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.planview.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.planview.com\/wp-json\/wp\/v2\/users\/223"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.planview.com\/wp-json\/wp\/v2\/comments?post=21472"}],"version-history":[{"count":0,"href":"https:\/\/blog.planview.com\/wp-json\/wp\/v2\/posts\/21472\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.planview.com\/wp-json\/wp\/v2\/media?parent=21472"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.planview.com\/wp-json\/wp\/v2\/categories?post=21472"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.planview.com\/wp-json\/wp\/v2\/tags?post=21472"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}