Physician group practices, many of which are adopting their first electronic health record system, need to make staff training on privacy and security issues a top priority, says Susan Turney, M.D., the new CEO at the Medical Group Management Association.
None of the agencies surveyed by GAO could precisely enumerate the number of IT security personnel they employed. In fact, estimates within agencies varied widely, based on who was reporting and analyzing employment data.
Dan Waddell of Tantus Technologies says giving back to the community is every information security professional's responsibility. And with the insurgence of cybercrime affecting all walks of life, now is the ideal time to get started.
Information security threats - especially to critical infrastructures and from nation-states - are evolving. But security education curricula are struggling to keep pace, according to Eugene Spafford, renowned information security professor at Purdue University.
To win support for information security spending, IT security professionals need to refine how they make their case to senior executives, says Christopher Paidhrin, security compliance officer at PeaceHealth Southwest Medical Center. Here's how.
Most organizations remain uncomfortable in letting their employees use their own mobile devices to access their IT systems. Yet, in many instances, those charged with securing their enterprises' IT understand that it's just a matter of time before they must grant workers permission to employ those devices.
Unfortunately, says Ken Vander Wal, most organizations have done little to address security in their policies and procedures regarding BYOD, which is changing the ways companies address user behavior and risk.
NICE's Ernest McDuffie says a proposed cybersecurity workforce framework represents a consensus of government thought on how best to define the jobs, skills and tasks needed to secure information technology.
The U.S. government is circulating a draft document of seven high-level categories detailing tasks, skills and job titles of IT security occupations that should help organizations to architect more effectively their staffs to safeguard data and systems.