Dive Brief:
- Chief information officer John Halamka of Boston's Beth Israel Deaconess Medical Center has created a wish list for how he would spend funds on security under ideal circumstances.
- With servers overwhelmed, it's important to work on denial of service/distributed denial of service mitigation. It's better to be prepared than reactive, he says.
- Another priority is security information and event management. Threat analysis based on multiple data streams is vital to managing threats, Halamka notes.
Dive Insight:
Along with the threat mitigation previously mentioned, Halamka points out that network forensics — reconstructing who did what — is critical when reporting incidents to authorities or when prosecuting. Ultimately, it's obviously better to prevent problems than prosecute the offenders, but having the information you need to do so is a critical part of the process.