Don't miss our upcoming Network Computing virtual event on Connectivity Solutions - Secure Your Complementary Seat Now!
I am certain the U.S. Department of Veteran Affairs will investigate the circumstances surrounding the VA analyst who lost personal data on 26.5 million veterans, correlate the facts, and then fire that employee.
If this analyst was acting with malicious intent, the VA would be right to cut him loose. But assuming all the facts we have to date are accurate, firing him would be shortsighted and wrong. Average employees do not take work home with them; only motivated employees--an organization's best employees--do that. Firing this worker will send a message that will ripple through both the public and private sectors: "Take work home with you, and we will fire you."
Instead, the VA must confront the system that let this volume of data leave the building. The analyst was not authorized to take this data home, according to the reports we've seen, but he'd been doing so for three years, which means the VA can't--or doesn't--enforce its own security policies.
The VA should reprimand this analyst, then undertake some serious work to deploy mechanisms such as extrusion prevention to ensure that no other well-meaning employee can unwittingly put veterans' identities at risk.
With the move to the cloud, CISOs must shift priorities from operating security programs to overseeing (monitoring and auditing) outsourced cybersecurity programs.
2022 was a boon year for IT salaries. 2023 came in like a beast with layoffs, raise freezes, and ChatGPT, but that beast has few teeth.
Age is only a number. Don't let a high number cancel your career.
