Mayo Clinic CISO says healthcare data harder to protect than financial information

Mayo Clinic CISO Jim Nelms, who previously spent 14 years at The World Bank securing financial information in war-ravaged countries and regions devastated by natural disasters, says protecting health-care information is far more difficult. "Medicine is 10 to 15 years behind in IT practices than other industries," he said. To hunt for nascent problems, Mayo Clinic has created a "threat intelligence group" within security. The group's founder recently quit for a vendor job, illustrating one of the tougher CISO challenges: keeping good people. CIO Journal talked with Mr. Nelms about what makes health-care vulnerable and why cybercriminals win. [Subscription Required]