Information Security News mailing list archives
Can't afford a security chief? Here are the alternatives
From: InfoSec News <alerts () infosecnews org>
Date: Tue, 23 Oct 2018 06:00:03 +0000 (UTC)
https://www.healthcarefinancenews.com/news/cant-afford-security-chief-here-are-alternatives By Susan Morse Senior Editor Healthcare Finance October 22, 2018Particularly for smaller hospitals and medical groups, hiring a full-time chief information security officer can be a stretch of the budget and resources. But patient data must still be protected because smaller organizations face many of the same risks larger systems do.
So cybersecurity responsibility often falls to the CIO, the IT director, or, even to a certain extent, the hospital's EHR vendor, none of which are traditionally aligned with a cyber role.
"All hospitals need to have an individual or entity that provides the position," said Norma Krayem, senior policy advisor for Holland & Knight and chair of the Global Cybersecurity and Privacy Policy and Regulation Team. "The risk is so critical, that hospitals can't afford not to have someone doing this job."
That reality is giving rise to two alternatives: tapping the expertise of a virtual CISO or outsourcing cybersecurity to a managed provider.
[...] -- Subscribe to InfoSec News https://www.infosecnews.org/subscribe-to-infosec-news/ https://twitter.com/infosecnews_
Current thread:
- Can't afford a security chief? Here are the alternatives InfoSec News (Oct 23)