HITECH data breach analysis « Steve on Security

HITECH data breach analysis

Chris Merritt over at Lumension did a quick analysis of the HHS breaches of healthcare data for ~4Q09. It pretty well repeats what most of us in the security industry have been harping on for years regarding healthcare information:

Theft (not accidental loss) is the biggest vector both in terms of # of incidents and total records compromised
The endpoint, NOT the datacenter, is your weak link

The picture is a bit different with respect to financial information and PII (application and endpoint security), but time after time we’ve shown that if I can pop your desktops, I can use them to pop your datacenter.

~ by stevegoldsby on March 2, 2010.

Posted in Uncategorized

About Steve Goldsby

Steve has nearly two decades of experience in the information technology and security industry as a subject matter expert and consultant to Federal, State and commercial organizations spanning all major verticals. He is a popular featured speaker at national and state conferences as an Information Security subject matter expert. His Information Security articles and papers have been featured in national trade magazines and journals. Steve works for Integrated Computer Solutions Inc.

Twitter

RSS: Symantec HackIsWack site still open to rickrolling: Shared by Steve Symantec HackIsWack site still open to... http://bit.ly/95TxRp.....14 hours ago
RSS: Security Briefing: September 8th: Shared by Steve September 8th Threatpost Back at the helm after a grea... http://bit.ly/c6DdLs.....21 hours ago
RSS: Data Security Compliance Worldwide in a One Picture: Shared by Steve Data security compliance worldwide as... http://bit.ly/8YDH9r.....21 hours ago
RSS: Why I Don’t Like Time & Materials Gigs (T&M).: Shared by Steve Evil of T&M -- I agree to some extent, but ... http://bit.ly/9jA42e.....2 days ago
RSS: A little bit of fuzz: Shared by Steve A little bit of fuzz - good fuzz input files Original by Boon Lee Fa... http://bit.ly/9cyATN.....2 days ago

Steve on Security