Risk management and mitigation is a high priority for CEOs and other senior executives worldwide — including CIOs and cybersecurity executives. The fact is, it’s impossible to separate risk from technology implementations and the potential cybersecurity vulnerabilities they present.
One of the biggest challenges of risk management, as it relates to IT, is the emergence of a growing number of government and industry regulations regarding data privacy and security. The difficulty of complying with all the regulations — particularly for heavily regulated organizations such as financial services firms, healthcare institutions and government agencies — is daunting.
Some of the regulations that address specific sectors have been in place for a number of years. For example, in financial services the Gramm–Leach–Bliley Act (GLBA) requires financial firms to protect customer data and disclose all of their data-sharing practices with customers.
In the healthcare sector, the Health Insurance Portability and Accountability Act (HIPAA) requires the protection of sensitive patient health information from being disclosed without the patient’s consent or knowledge. Risk management…
