The challenges of running an information security program can be overwhelming. There are so many areas to address -- from encryption, to application security, to disaster recovery. Then there is the complication of compliance with regulatory requirements such as HIPAA,