Memorial Healthcare System in Hollywood, Fla., is notifying about 9,500 patients that two fired employees may have inappropriately accessed their personal information with the intent to process fraudulent tax returns.
What's the best way to win a CEO's support for greater information security investments? Consultant Eric Mueller advises IT security professionals to spell out the business impact of inadequate security.
"Regulation drives spending," says George Tubin of GT Advisors. "You're in a situation where the regulators are telling you, 'You have to do something; you have to make improvements.' Therefore, the bank has to spend some money on technology."
To respond to a security incident, an organization must first be aware of it. But too many intrusions go undetected, says Rob Lee of SANS Institute. That's the first problem that needs to be addressed.
One problem tracking IT security employment is the dearth of information. Even the most trustworthy organization in collecting employment data, the Bureau of Labor Statistics, furnishes infosec data it cautions aren't reliable.