Two employees have been sacked and five senior management executives, including the CEO, fined for their role in Singapore’s most serious security breach, which compromised personal data of 1.5 million SingHealth patients. Further enhancements also will be made to beef up the organisation’s cyber defence, in line with recommendations dished out by the committee that reviewed the events leading up to the breach, according to Integrated Health Information Systems (IHIS). The IT agency responsible for the local healthcare sector including SingHealth. IHIS said a lead in its Citrix team and a security incident response manager were found to be negligent and in non-compliance of orders. This had security implications and contributed to the “unprecedented” scale of the SingHealth security breach, the agency said in a statement Monday. Singapore must be tougher on firms that treat security as value-add service Businesses that handle customer data should be expected to do so with all the appropriate cybersecurity systems and polices in place, rather than provide these as a “value-add service”, and it’s time the Singapore government holds those that fail to do so accountable. Read More IHIS noted that the Citrix team lead had the necessary technical capabilities, but his “attitude” towards security and management of the servers involved in the breach had introduced unnecessary and significant risks to the system. In its report published last week, the review committee said the hackers had exploited a vulnerability in the network connectivity between Citrix servers located at a public general hospital and a… [Read full story]
ZDNet is a business technology news website published by CBS Interactive, along with TechRepublic. The brand was founded on April 1, 1991, as a general interest technology portal from Ziff Davis and evolved into an enterprise IT-focused online publication owned by CNET Networks.