Anthem Hack: Lessons For IT Leaders - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

CIO Insights & Innovation
Security & Risk Strategy
Team Building & Staffing
IT Strategy
Digital Business
Project Management
Programming Languages
Dr. Dobb's
Enterprise Applications
Operating Systems
Productivity/Collaboration Apps
Network Security
Careers & People
Threat Intelligence
IoT
Attacks & Breaches
Application Security
Cloud Security
Endpoint Security
Mobile Security
Perimeter Security
Risk Management
Operations Security
Analytics
Vulnerabilities & Threats
Security & Risk Strategy
Infrastructure as a Service
Platform as a Service
Software as a Service
Cloud Storage
Data Centers
Mobile Applications
Mobile Devices
Mobile Business
Enterprise Mobility Management
AI/Machine Learning
Big Data Analytics
Hardware/Architectures
Software Platforms
IoT
Networking
Wireless Infrastructure
Data Centers
Cloud Infrastructure
Careers and Certifications
Network Security
Government
Healthcare
Wall Street & Technology
Bank Systems & Technology
Insurance & Technology
Industries
Government
Healthcare
Wall Street & Technology
Bank Systems & Technology
Insurance & Technology
IT Life
Careers
Mobile
Mobile Applications
Mobile Devices
Mobile Business
Enterprise Mobility Management
Software
Enterprise Applications
Operating Systems
Productivity/Collaboration Apps
Comments
Anthem Hack: Lessons For IT Leaders
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 3 / 3
Gigi3
100%
0%
Gigi3,
 User Rank: Ninja
2/16/2015 | 7:05:15 AM
Re: McGladrey and Data breach advice
"Intresting information, IT departments should give more importance to prevent external threats which can affect IT systems of an organization. Companies should adopt new technology to improve customer experience and take adequate measures to ensure they have a secure and protected system."

Anon, you are right. Data threat and security are a major issues with online, especially with networked devices. how far your system/data is safer is a big question and companies are spending millions of dollars every year to safe guard their information and hack free.
zerox203
100%
0%
zerox203,
 User Rank: Ninja
2/14/2015 | 10:47:27 PM
Anthem Hack: Lessons For IT Leaders
This is actually the first time I'm hearing about this. No surprise that it's headlines news, considering who's involved, but it's much appreciated to have a more sober take that covers all the bases rather than the overly sationalized versions that are likely to pop up most places. As the linked article in defense of non-encryption points out, the public doesn't really understand encryption (in fact, even many seasoned IT pros really don't), but it sounds good to say someone dropped the ball by not doing it. I'm the first one to question whether we really need comprehensive security measures on every piece of data at every company - that said, I'll always temper that point by saying something like 'unless you're in a highly sensitive field'. Healthcare is certainly on that list of sensitive fields. 

That said, the smart money knows the IT security is a war of mitigation, not prevention. A breach is going to happen to everyone sometime, no matter how thorough your protection is. How you deal with the fallout, how quick your recovery is, and how you prepare for next time that count. Again, in this regard, Anthem earns some points. It looks like they're already offering customers free support for potential financial issues, and as you point out, they notified the FBI immediately. Still, the full extent of their future plans remains to be seen, and who knows how much of that trust they'll be able to regain. I don't know whether the multitude of recent breaches should be a wakeup call that we need stricter regulations, a wakeup call that these breaches are a fact of life, or both.
SaneIT
100%
0%
SaneIT,
 User Rank: Ninja
2/13/2015 | 8:16:55 AM
Re: Anthem Hack
In cases like this if the goal is blackmail then it's usually pointed at the target not the employees, patients, etc.  Blackmailing thousands of people for some smaller pay off isn't worth the effort or risk, since the more communication you have with victims the more likely you are to give up information that will lead to you being caught.  The data theft is usually intended for simpler crimes like credit card fraud on a large scale that can go unnoticed for a period of time under the radar.  Drawing attention to themselves is not in their best interest for hackers breaking into these systems.  
anon6262781453
100%
0%
anon6262781453,
 User Rank: Apprentice
2/13/2015 | 7:28:21 AM
McGladrey and Data breach advice
Intresting information, IT departments should give more importance to prevent external threats which can affect IT systems of an organization. Companies should adopt new technology to improve customer experience and take adequate measures to ensure they have a secure and protected system. I work for McGladrey and there is an infograph in our website.  bit.ly/mcgldrydatabreach
Joe Stanganelli
100%
0%
Joe Stanganelli,
 User Rank: Author
2/12/2015 | 10:02:48 PM
Re: Anthem Hack
@jastroff: Not necessarily -- although certainly a distinct possibility that one must keep in mind, particularly when thinking about one's own organization.  Many healthcare companies, of course, are highly desired targets right now for the reasons I mentioned.  It's a lot easier to cancel a credit card than it is to protect your EMRs.
jastroff
100%
0%
jastroff,
 User Rank: Ninja
2/12/2015 | 4:56:40 PM
Anthem Hack
@joe -- great article - covers all the bases so well.

>> What, then, are feasible solutions for companies to undertake to protect themselves from compromised employees -- employees who may be incentivized to go rogue?

Or employees who may be blackmailed because of the information, no? It seems that this attack was looking for people to exploit politically, etc. 

 

 
<<   <   Page 3 / 3


The State of Cloud Computing - Fall 2020
The State of Cloud Computing - Fall 2020
Download this report to compare how cloud usage and spending patterns have changed in 2020, and how respondents think they'll evolve over the next two years.
Download Now!
Editors' Choice
Commentary
2021 Outlook: Tackling Cloud Transformation Choices
Joao-Pierre S. Ruth, Senior Writer,  1/4/2021
News
Enterprise IT Leaders Face Two Paths to AI
Jessica Davis, Senior Editor, Enterprise Apps,  12/23/2020
Slideshows
10 IT Trends to Watch for in 2021
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/22/2020
Register for InformationWeek Newsletters
Video
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you.
Download This Issue!
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll