Cyber & Health Data? How is this one topic?
When health/benefits facilitators consider putting their client information onto a network, why are they not investigating the level of security on that network? What could go wrong? The data on individuals is extremely personal and valuable to criminals. These are people who can hold data for 10 years or more before using it.
Imagine telling 1,500,000 people that they immediately have to change their passwords on all of their systems and to watch for incorrect charges on their statements. Someone may have their identity no. or social insurance no. The cost to do this and to notify patients is in the millions of dollars.
Equifax comes to mind as well. Where is the Chief Risk Officer here?