A lot of healthcare organizations understand that they need to start looking for a chief information security officer. While there are many good candidates in the industry, good picks can be found in other industry sectors, as well, says Heather Roszkowski, CISO at the University of Vermont Medical Center.

Roszkowski knows. She came to healthcare from the Army after serving for 12 years and will speak during a presentation on selecting the right CISO at HIMSS15 on April 13. Infantry officers, as an example, deal with information security all the time; they have computer systems in their vests, helmets and vehicles, she notes. “They know how to stand up the CISO shop from the ground up.”

So, look for a CISO in healthcare, Roszkowski says, but also look for candidates elsewhere. Don’t be swayed by certification alone; look for experience. “Certification proves you know what to do; experience means you’ve done it,” she advises.

There is significant IT security expertise at all levels of the military, particularly among those in the armed forces who represent the boots on the ground, she adds. Infantry officers, for example, become experts in the computer systems and sensitive information under their control.

Look for intangibles in candidates, Roszkowski advises. Technology skills are obvious, but just as important are customer service skills: having IT security personnel who can talk to non-techies about risks and solutions.

Mac McMillan, CEO of cybersecurity firm CynergisTek, also will present during Session 31, “Selecting the Right CISO and Building the Security Office,” on April 13 at 11:30 a.m. in Room S406.
