• Maeve@kbin.social
    link
    fedilink
    arrow-up
    8
    ·
    8 months ago

    Get ready for clay tablets and possibly cuneiform record keeping. I saw this coming from a mile away before health records and billing were due to go live online, and everyone pooh-poohed my alarms. We can’t go back to all paper, we’re still squandering life-breathing trees. But a lot of this is simply board members and C-Suite not allocating enough dollars for proper hardware, software, and strongly knowledgeable minds to implement good security.

    • Gaywallet (they/it)@beehaw.orgM
      link
      fedilink
      arrow-up
      5
      ·
      edit-2
      8 months ago

      But a lot of this is simply board members and C-Suite not allocating enough dollars for proper hardware, software, and strongly knowledgeable minds to implement good security.

      The stolen data was encrypted, so all the hackers were doing was stopping business from being run. With that being said, if you think it’s just about ‘implementing good security’ I think you’re out of depth when it comes to just how large of an attack vector it is and how sophisticated the attacks can be. We’re talking about an industry where people are willing to cough up millions of dollars to recover data in some cases, meaning that it attracts some of the best talent in the world to coordinate attacks and the attacks can be extremely sophisticated.

      • Maeve@kbin.social
        link
        fedilink
        arrow-up
        3
        ·
        8 months ago

        Sure. Allow me to give you a little background about my area, from personal experience a hundred years ago in the industry: security by obscurity was the standard, a CTO had zero experience with anything computer related, beyond powering his on and pecking out emails, was not interested in learning about (let alone learning any) current or new technology, coding, or security related. The sysad couldn’t code a lick, depended on an online scanner for malware removal (and it was a persistent problem), and did absolutely zero auditing, wondering why the better team members stayed long enough for a reference and ran screaming. This was the worst, but not by much, company I worked for in the industry in a very wealthy area. I’m sure things have changed over the years, but from friends in the industry, not by much. They still stay long enough for the reference of official experience, then end up moving companies, or the better ones go on to self-employme t, often contacting for the same companies, at 4x the hourly rate, because it’s still cheaper than getting sued by by clients or the government.

        The weird thing is, I’m about to try to re-enter the industry, personal and industry issues aside, at a later point in the year.