Security Consulting Firms: Role
There is ever-greater pressure, said Michael Hamilton, co-founder of Seattle-based CI Security, an information security consulting firm, for those with the best real-time understanding of how cybercrime is evolving to have the same kind of access to chief executives and governing board members that those who manage finances and other critical business functions have long enjoyed.
They’re trying to avoid records disclosure, theft, extortion,
and the disruption of critical operating capacity. Those are direct fiduciary
risks to the business.
There is a definite push across all industries, especially
those that hold sensitive records of patients or employees, to elevate
information security among top decision-makers.
Every CEO, at this point, is now in the business of cybersecurity.
They need to be engaged and understand what the risk is on a
real-time basis; the threat landscape is ever-evolving and becoming more
sophisticated.
In San Diego County, nothing could have underlined these
points more clearly than the ransomware attack that hit Scripps Health, the
region’s second-largest health care system, in May.
The attack, which Scripps still has not fully explained, so
compromised digital systems that all facilities were forced to revert to paper
record processing for nearly one month. Early on, the attack, which
eventually forced the health provider to notify nearly 150,000 of its patients
that their records may have been breached, so slowed critical functions that emergency,
trauma, and stroke cases had to be diverted to other facilities.
While it is not clear how frequent and robust cybersecurity
briefings were at the highest levels of Scripps leadership before the attack, a
few digital bread crumbs available for anyone to see online seem to indicate
that the role of chief information security officer moved down, not up, the
corporate organization chart years before May’s attack.
CISOs generally are directly tasked with keeping track of
new and current cyber vulnerabilities and getting them fixed as well as
planning for immediate responses when defenses fail.
Profiles posted to the popular jobs site LinkedIn show that
the CISO position moved further from, not closer to, Chief Executive Officer
Chris Van Gorder.
The LinkedIn profile of Powell Hamilton, now running his security
consulting firm, indicates that he filled Scripps’ chief information security
officer position at the vice president level from November 2015 through April
2019.
Hamilton declined to comment on his reason or reasons for
departure after receiving notification from Scripps’ legal department that
doing so would violate the terms of his severance agreement.
A LinkedIn profile for Scripps employee Cyrus Bulsara
indicates he took over the CISO role in June of 2019 but as a director, not a
vice president. Bulsara’s profile indicates that he majored in business and
economics at UC Santa Barbara, is working on a master’s degree in cybersecurity
from the Whiting School of Engineering at Johns Hopkins University, and is a
certified intrusion analyst and certified information security manager.
Scripps did not make Bulsara available to discuss his role
and generally declined to discuss moving the position within the corporate hierarchy.
Scripps has always prioritized the security of our patients'
information. Over the past several years, Scripps has significantly increased
investments in and resources under the CISO, a key position in our
organization.
Scripps has remained mum on what budget is allocated to
information security. Scripps said in an email that Bulsara reports to Scripps’
chief audit, compliance, and risk executive, who reports to the organization’s
board of trustees and CEO Chris Van Gorder.
That path to the CEO appears to be somewhat rare, at least in health care.