Last time, I had a chat with Kristen Kozinski. She’s an expert on web development security, and she also has a pretty cool website for end user security education called Don’t Click on That.

This time, I have a very special interview with Jelena Milosevic. She’s a nurse who has made it her mission to educate people about the cybersecurity problems in the medical industry.

Kimberly Crawley: Please tell me about what you do.

Jelena Milosevic: I work as a nurse, and few years ago, I got interested in infosec. It started with getting passwords from all my colleagues. I realized what sort of power I have by knowing how to access their accounts and that I can work under their names. That’s how I entered the world of infosec.

KC: Wow, that’s some lousy password policy.

JM: It didn’t exist. I found a lot of usernames and passwords in our office room. I started with passwords, and I hope I can find a way to convince people at work to be more careful about that. It’s about building awareness.

If you know how to access user accounts on the medical side, you can harm the patient or even kill really easy.

There is nothing that is safe and secure in healthcare. As a result, I am trying to convince people about the importance of cybersecurity.

When it comes to data, marketing money is what most people in my industry care about, and they do not want privacy. Because of that, the security is bad, too.

KC: Are there not cybersecurity regulations that pertain to the medical field?

JM: There was no policy for anything. But recently, there have been small changes. We cannot download movies or access some links. Websites that have pornography and online games are usually (Read more...)