Responding to market demand is ISACA, the non-profit security organization, which launched the Certified in Risk and Information Systems Control certification for IT risk professionals early this year.
Debbie Christofferson has worked in IT and information security for many years. And if there's anything she's learned about risk management, it's this: It's all about risk. "All of your decisions about information security should be based on risk to the organization."
A total price tag of nearly $1 billion for dealing with the aftermath of major breaches reported to federal authorities so far should motivate healthcare organizations to take aggressive steps to improve security, one analyst advises.