InfoSecurity Professional INSIGHTS Archive: June 2019
From Nursing to Cybersecurity: Marylyn Harris Keeps Protecting Patients
By Pat Rarus
For many years, Marylyn Harris, a former U.S. Army psychiatric nurse, disabled war veteran and founder of the nation’s first Women Veterans Business Center in Houston, thought networking meant meeting other professionals and exchanging business cards at special events. Now that she is transitioning to a new career in IT security, however, the word “networking” takes on a whole new meaning.
This summer, her company, Harrland Healthcare Consulting, LLC, plans to offer cybersecurity training to small- and medium-sized firms that conduct business with Houston’s major medical centers. These include Texas Children’s Hospital, M.D. Anderson Cancer Center and others affiliated with Texas Medical Center, the largest medical complex in the world. Harris also plans to do business with vendors that service Baylor University Medical Center in Dallas.
“These medical facilities are targets for security breaches,” Harris said in a recent telephone interview. “That’s why vendors, such as HVAC (heating, ventilation and air-conditioning) businesses, need help with software updates and patches, as well as general education on cybersecurity.”
The reference to HVAC vendors was not random. Retailer Target’s massive cyberattack during the 2013 holiday season is believed to involve stolen log-in credentials of an HVAC contractor remotely monitoring stores’ energy consumption and temperatures. Target said that breach exposed some 40 million debit and credit card accounts in about two weeks.
While it’s a hassle, credit card holders have recourse for unauthorized purchases and can be issued new card numbers. Not so with stolen healthcare data, which malicious hackers can leverage to fraudulently gain access to costly medical services, devices and prescription medications, as well as to acquire U.S. government benefits such as Medicare or Medicaid.
Harris, 57, intends to be CompTIA Security+ and CompTIA Cloud+ certified this year, and then to eventually qualify to become an (ISC)² HCISPP (HealthCare Information Security and Privacy Practitioner).
Afflicted with PTSD (post-traumatic stress disorder) due to sexual abuse early in her military career, she has overcome tremendous personal challenges in her life. By surmounting so many setbacks over the years, she has learned to seize an opportunity when it appears. That is exactly how her career pivot to healthcare cybersecurity began in July 2018—quite serendipitously.
The multitalented businesswoman, working as a freelance journalist, was covering an awards luncheon at an NAACP convention. The National Association for the Advancement of Colored People is a well-known U.S. civil rights organization and annually hosts between 8,000 and 10,000 visitors at its national convention. Last year, the event was held in San Antonio, about a four-hour drive from Harris’ home in Houston. After the luncheon, Harris decided to visit a diversity job fair that was part of the conference. Her goal: Interview women veterans looking for new career opportunities. After all, helping women veterans was her passion.
When she visited the booth of cloud service provider Rackspace, Harris became intrigued by the cybersecurity needed to protect data stored off-premises. She then learned of a free, five-day boot camp held in conjunction with the job fair. Harris expressed interest in the class and then spent the remainder of her day seeking out women veterans to interview.
The next day as she was driving back to Houston, her cell phone rang. It was a Rackspace representative informing her that she had been accepted into the boot camp.
“I made a U-turn and drove back to San Antonio,” Harris said. Although thrilled with the prospect of learning new technical skills, Harris admits the fast pace of the class and the high-tech terminology baffled her. “I didn’t know what OSI or script kiddie meant,” Harris recalled with a sigh. On the third day of the class, she decided to quit and return to Houston. “I was determined to understand this stuff, but at a level that would be easier for beginners.”
Harris found such an opportunity through a grant from the Texas Workforce Commission, a governmental agency that provided funding for Houston’s small businesses and individuals impacted by Hurricane Harvey. The grant covered a full scholarship: tuition, books and supplies for Houston Community College, where Harris took classes in cybersecurity along with students and even teachers who were half her age.
“I needed to resuscitate my career,” she admitted, having tired of the healthcare profession’s preoccupation with death, dying and disease. “Technology affords me a way of helping others in a much more empowering way [than traditional nursing].” While still holding a nursing license and actively involved in her nonprofit venture for women veterans, Harris wanted to expand the services she offered through her healthcare consulting business to include cybersecurity. “That’s why cybersecurity has been a life-changer for me.”
Pat Rarus is a writer, editor and book author who lives and works in Oceanside, Calif.