Stocks should rally if the U.S. and China agree to new negotiations and a ceasefire in the trade war, but the economic impact of tariffs will continue.Market Insiderread more
Democrats want Mueller's testimony on his probe into Russian interference in the 2016 election and Trump's efforts to influence it.Politicsread more
The trade war between Beijing and Washington appears to have depressed Chinese property purchases in the United States. China's own actions may also be playing a role.Real Estateread more
Tesla CEO Elon Musk sent out another email to his employees, pushing them to aim for a record number of vehicle deliveries to end the second quarter of 2019.Technologyread more
More than 300 companies are talking to government officials in Washington about how detrimental the trade war is.Marketsread more
Powell stresses the central bank's independence in a speech that comes amid continuous pressure from the White House to cut interest rates.The Fedread more
The Senate is expected to pass its own version of the border aid legislation, while the Trump administration has threatened to veto both bills.Politicsread more
Stocks in Asia were tepid on Wednesday afternoon after U.S. Federal Reserve Chairman Jerome Powell tempered expectations for a potential interest rate cut.Asia Marketsread more
The purchase confirms Apple's continued interest in self-driving car software, and it will bolster Apple's engineering ranks with additional employees who can build autonomous...Technologyread more
More than 1,000 protesters marched to major foreign consulates on Wednesday calling on leaders at the upcoming G-20 summit to raise the plight of Hong Kong with China and to...World Politicsread more
In a text message, Grisham confirmed to CNBC that she will still be working for the first lady even as she takes on her new roles.Politicsread more
Equifax's new CEO Mark Begor told senators Thursday that the credit ratings agency has made many changes since its 2017 breach of the personal information of 143 million people, but he also defended the company against a harsh new Senate report about the incident.
"The fact that Equifax did not have an impenetrable information security program and suffered a breach does not mean that the company failed to take cybersecurity seriously," he said in a prepared statement.
Begor joined Equifax's chief information security officer, Jamil Farshchi, and Marriott CEO Arne Sorenson to discuss private-sector data breaches at a hearing Thursday in front of the Senate's Homeland Security and Governmental Affairs Subcommittee on Investigations.
"Before the cyberattack, I understand that the [Equifax's] security program was well-funded and -staffed, based on a robust set of policies, standards, and procedures, and supported by general and specialized training," he said.
The Senate report says that unlike Equifax, the company's competitors Experian and TransUnion "were able to avoid a similar data breach."
Begor said that in 2018, the more than 1,200 data breaches against U.S. corporations showed that companies of all types were falling victim to these crimes.
"These attacks are no longer just a hacker in the basement attempting to penetrate a company's security perimeter, but instead are carried out by increasingly sophisticated criminal rings or, even more challenging, well-funded nation-state actors or military arms of nation-states," he said.
Equifax has added four new directors and created an "audit framework" meant to give the board of directors security benchmarks that they understand and that can make it easier to record progress, Begor said. The company has also planned to spend $1.25 billion more between 2018 and 2020 on security and information technology as a result of the incident.
The report also criticizes Equifax for not properly saving records of internal conversations about the breach. Employees used an internal chat service called Microsoft Lync, which was set to not preserve conversations. Although this is a typical data retention practice, companies often adopt different standards surrounding events that may lead to legal action, specifically enacting a "legal hold" on any employee conversations about the incident.
"During its investigation, the Subcommittee learned that Equifax employees conducted substantive discussions of the discovery and mitigation of the data breach using Microsoft Lync, an instant messaging product," the report says. "After discovering the data breach on July 29, 2017, Equifax did not issue a legal hold for related documents until August 22, 2017. Despite the legal hold, Equifax did not change the default setting on the Lync platform and begin archiving chats until September 15, 2017."
Marriott announced its breach on Nov. 30, later saying it affected up to 383 million guests. Security experts have said the breach had many clear hallmarks of a nation-state attack.
In Marriott's case, the breach affected the company's legacy Starwoods information system and lasted over the course of four years.
The committee went easier on Marriott, with one senator beginning the hearing by saying the hotel chain's breach didn't appear to have the same "cultural" component as Equifax's.
"The data breach announced by Marriott this past November does not appear to have been caused by the same cultural indifference to cybersecurity the record indicates existed at Equifax, rather, it looks like Marriott inherited this breach from Starwood," said Sen. Tom Carper, D-Del.
Marriott completed its acquisition of Starwood in September 2016. Carper said he had questions about Marriott's data-retention policies, specifically why the company needed to retain data on "millions" of passports for an extended period. He also suggested companies needed to tweak their merger due-diligence process to focus more keenly on cyber threats.
While the merger was ongoing, Sorenson said Marriott examined what it could of Starwood's IT infrastructure, but their scope was limited because of legal constraints.
"We conducted an assessment on integrating the two systems, although this inquiry was legally and practically limited by the fact that until the merger closed, Starwood remained a direct competitor," Sorenson said.
The company retired the Starwoods guest reservation database after the incident and is no longer using it, Sorenson said.
Marriott's breach did not include critically sensitive information — like Social Security numbers — as Equifax's did, but did include the passport data of 5 million customers.