
I work in a large Helathcare network
The security is atrocious because each hospital wants to do their own things and use whatever cobbled together solution they were before. There is no standardization and the budget to get everything to that point is razor thin (yet the executives all took in massive bonuses, go figure). The worst part is that I was hired as a consultant to set up a security monitoring tool because they hadn't had a working one for close to 10 years now so we don't even know what has happened (They were using RSA enVision, its a massive piece of crap).
The scary thing is that if you've ever been in a hospital whose name starts with "Saint", there is a decent chance of being treated by us...
Although what is ironic with this report is that most of the of the security issues we have are from Symantec Endpoint Protection not actually cleaning the malware it finds...
Anonymous because I don't want to get fired just as I've started getting their house in order.