Improving your informaiton security posture for 2014

 

A recent article on Government Health IT discussed some of the healthcare breach predictions for 2014.  Unfortunately, information security risks are not only present within that industry.  Every business that uses the internet, has online data, and adopts other technologies used in a corporate environment (and containing sensitive information) needs to be concerned with their security posture.

 

Here are some information security areas healthcare professionals and business executives alike (such as CEOs, CIOs and CFOs) can expect to need to continuously work on in 2014 to improve their security efforts.

  • Affordable Care Act Information Risks
    More people will be signing up for health insurance with Obamacare in full effect.  This will increase the target pool of private and sensitive data vulnerable to attack.  The sensitive data contained in our healthcare documents are so important that there should never be one moment where healthcare providers let their guard down.
  • Big Data and the Cloud Information Risks
    Data and the cloud are great for streamlining work efforts and communication, but they also imply more information online, in the network. Ultimately, we have a lot of data that can become accessed by unwanted individuals.  Let’s remember, with today’s regulations businesses must report breaches.  The consequence: loss of information, disappointed customers (who could leave), and financial loss.
  • Information Security Compliance and Regulations
    Thanks to our interconnectedness, we can also expect a higher risk of multi-country breach potential in 2014.  This implies that companies will not only need to maintain compliance and meet regulations within their own country, but they will also need to know other country’s information security regulations and compliance requirements.

Following these three information security considerations for 2014, there’s one more important security challenge to deal with: The false sense of security held by executives (yes, you read correctly, false).

A recent survey by CompTIA showed that 82 percent of companies believe their current level of security is completely or mostly satisfactory.  But few of the companies surveyed, a total of 21 percent, view human error as a serious concern when it comes to security.  This is shocking; and ultimately, makes their belief of having a good security posture erroneous.

Just recently, here at NCX Group, we received a document filled with a patient’s sensitive data.  This was an obvious human error infosec situation.  It adds to the notion that companies need to gain the security expertise and help they need to truly ensure a top level security posture for their organization.

A lack of security makes breach more likely to happen; and breach always results in a negative affect to your bottom line.  Make sure you are taking the necessary steps to keep your information security risks under control for the safety of your customers and the success of your enterprise.

How do you plan on beefing up your information security this 2014?

 

Photo Courtesy of Ocdp