What the Target Data Breach Fiasco Should Teach MedtechWhat the Target Data Breach Fiasco Should Teach Medtech
October 29, 2014
It was one of the major stories in the Twin Cities over the past year: personal data on up to 70 million Target Corp. customers stolen by hackers.
Medical device companies actually have a great deal to learn from the story, because the Target hackers didn't make a frontal assault on the Minneapolis-based company; the hackers came in through a third-part HVAC company's systems, says Olayinka James, recently promoted to a new chief information security officer (CISO) position at Zimmer Holdings (Warsaw, IN).
"Third-party service providers can be our weakest link. Part of bringing them in is really about doing the due diligence. ... We're taking third-party risk management very seriously," James, who is in charge of information security at one of the world's largest orthopedic device companies, said during a Wednesday morning keynote at MD&M Minneapolis.
James compared a hacker attack to a tank driving up to a company's front door.
"It's like a war, and everything you have in place is not sufficient to counter an attack. ... We have state sponsored hackers. So that's what we're facing now," James said.
But in the case of Target, a better analogy would be following behind the person delivering the dry cleaning.
Check out Qmed's previous story with James about how Zimmer is managing cloud computing--as well as a Q&A with James about why the cloud matters for medtech.
Chris Newmarker is senior editor of Qmed and MPMN. Follow him on Twitter at @newmarker.
Like what you're reading? Subscribe to our daily e-newsletter.
About the Author
You May Also Like