Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Can't afford a security chief? Here are the alternatives

From: InfoSec News <alerts () infosecnews org>
Date: Tue, 23 Oct 2018 06:00:03 +0000 (UTC)
https://www.healthcarefinancenews.com/news/cant-afford-security-chief-here-are-alternatives

By Susan Morse
Senior Editor
Healthcare Finance
October 22, 2018
Particularly for smaller hospitals and medical groups, hiring a full-time chief information security officer can be a stretch of the budget and resources. But patient data must still be protected because smaller organizations face many of the same risks larger systems do.
So cybersecurity responsibility often falls to the CIO, the IT director, or, even to a certain extent, the hospital's EHR vendor, none of which are traditionally aligned with a cyber role.
"All hospitals need to have an individual or entity that provides the position," said Norma Krayem, senior policy advisor for Holland & Knight and chair of the Global Cybersecurity and Privacy Policy and Regulation Team. "The risk is so critical, that hospitals can't afford not to have someone doing this job."
That reality is giving rise to two alternatives: tapping the expertise of a virtual CISO or outsourcing cybersecurity to a managed provider. 

[...]



--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
Previous By Date Next
Previous By Thread Next

Current thread: