Skip to main content
close search
site logo
Dive Brief

Capital One removes CISO from role following breach

Published Nov. 7, 2019
Samantha Schwartz's headshot
Samantha Schwartz Reporter
Nathan Dumlao

First published on

CIO Dive

Dive Brief:

  • Capital One's chief information security officer (CISO), Michael Johnson, is moving from his role following the July disclosure of a data breach that exposed up to 106 million customers' data, a bank spokesperson told Industry Dive on Thursday in an email. 
  • Johnson will remain at Capital One as an adviser, focused on the bank's ongoing response to the data breach. Meanwhile, the bank appointed Mike Eason as interim CISO and head of cyber​. Eason previously served as the CIO for Capital One's commercial bank.​​ Capital One is conducting an external search for a new CISO. 
  • Capital One employees cited high turnover in the cybersecurity unit before the breach, according to an August report in The Wall Street Journal. Some employees said Johnson's management style was unsuited to the public sector — he had previously worked for the federal government — and many "initial direct reports" left for other positions, The Journal reportedCapital One's cybersecurity organization frequently overstepped its budget, according to the report.  

Dive Insight:

CISOs will often fall on their sword in light of a cyber event. Other times, it's not their choice. 

Although it's seldom one person's responsibility covers all facets of security, the onus of a breach still falls on the shoulders of the CISO

Prior to joining Capital One and the private sector, Johnson served in IT and security roles in the Department of Homeland Security, the White House and the Department of Energy, according to his LinkedIn page. 

Capital One's public cloud-first strategy relies on Amazon Web Services, as opposed to private clouds and internal firewalls.

Former Amazon Web Services employee Paige "erratic" Thompson is accused of exploiting the "Server-Side Request Forgery" vulnerability to gain access to data from customers who applied for credit cards between 2005 and 2019. Thompson was released from federal custody Tuesday as she awaits trial.

Amazon Web Services has said the security burden falls on Capital One. But lawmakers have asked federal regulators to consider leading cloud providers systemically important.

Recommended Reading

Filed Under: Technology, Risk

Editors' picks

  • The exterior of Five Star Bank's Rancho Cordova office building is shown, with "Five Star Bank" in white letters at the top left of the building exterior.
    Image attribution tooltip
    Permission granted by Smriti Shakargaye
    Image attribution tooltip

    Five Star Bank bets on its California roots in Bay Area move

    The Sacramento-area lender found San Francisco a tough market to crack. But when East Coast banks swooped in and former First Republic customers grew disenchanted, Five Star hatched a strategy.

    By Caitlin Mullen • Aug. 27, 2024
  • JPMorgan Chase building signage in New York City
    Image attribution tooltip
    Michael M. Santiago / Staff via Getty Images
    Image attribution tooltip

    JPMorgan, Zelle may have upper hand if litigation ensues

    If the banks that own Zelle’s parent battle the Consumer Financial Protection Bureau in court, they may find some federal judges open to their arguments, said lawyers specializing in the area.

    By Patrick Cooley • Aug. 16, 2024

Company Announcements

View all | Post a press release
interface.ai Reinforces AI Leadership in Financial Services with Industry-Unique Device Biomet…
From Jordan Mitchell
November 21, 2024
Cross Border Payment Solutions Launches to Help Business Take Control of International Finance
From Cross Border Payment Solutions
November 18, 2024

Want to share a company announcement with your peers?

Get started

Editors' picks
  • The exterior of Five Star Bank's Rancho Cordova office building is shown, with "Five Star Bank" in white letters at the top left of the building exterior.
    Image attribution tooltip
    Permission granted by Smriti Shakargaye
    Image attribution tooltip

    Five Star Bank bets on its California roots in Bay Area move

    The Sacramento-area lender found San Francisco a tough market to crack. But when East Coast banks swooped in and former First Republic customers grew disenchanted, Five Star hatched a strategy.

    By Caitlin Mullen • Aug. 27, 2024
  • JPMorgan Chase building signage in New York City
    Image attribution tooltip
    Michael M. Santiago / Staff via Getty Images
    Image attribution tooltip

    JPMorgan, Zelle may have upper hand if litigation ensues

    If the banks that own Zelle’s parent battle the Consumer Financial Protection Bureau in court, they may find some federal judges open to their arguments, said lawyers specializing in the area.

    By Patrick Cooley • Aug. 16, 2024
Latest in Technology
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell