this post was submitted on 01 Oct 2024
156 points (99.4% liked)
Technology
59361 readers
3738 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I like the “ransomware scumbag” language but at the same time, it feels like companies only give a shit about security after an incident.
I dunno, with Healthcare the larger the organization the more serious they take it. A small practice may basically ignore it but by the time you get to be the size of UMC, the Hospital named in the article, they're typically spending many millions of dollars annually on CyberSecurity.
The problem is that they're stuck playing defense. They have to get it right every time but the attackers only have to get lucky once. They could successfully repel 10,000 attempts Monday through Saturday but then on Sunday they only repel 9,999 'cuz Bored Bob the maintenance guy clicked a new zero-day in their email and now they're in the news.
This is an American hospital.
You can't justify the security costs on this quarter's numbers, so we're gonna have to fire the whole team except Scruffy who changes tapes on the new tape lib that nothing uses.
They're gonna outsource the management to some group in Estonia but Deloitte can't get here to start planning the finances of the project to scope the work to manage the admin programme for another 6 months.