ISACA Digital Videos | ISACA-澳门赌场官方软件

Video

A View into CTEM Exposure Management: Reducing your Attack Surface 3x

Organizations can no longer rely on legacy vulnerability management solutions to protect against even basic attacks. Instead, vulnerability management is just one small component in a unified continuous threat exposure management (CTEM) approach to securing an enterprise from malicious intruders and ransomware. In addition to vulnerability management, security around misconfigurations, patching, identity, software, external attack surfaces, and more must be included. In this ISACA Podcast, Nanitor Chief Strategist Derek Melber explains that an organization can prevent breaches and ransomware by taking an asset-centric prioritized-security approach that includes all of these security areas.

11 Views • 5 days ago

Video

ISACA Live | ISACA 2024 Virtual Conference Keynotes Preview

Our regional conference, 20-22 February, features three remarkable keynotes: RV Raghu (Asia-Pac, 20 Feb), Mike Echols (Americas, 21 Feb) and Tichaona Zororo (EMEA, 22 Feb). They are joined by ISACA's Paul Phillips for a preview of their keynote presentations and the region-focused content at our upcoming event.

4 Views • 5 days ago

Video

ISACA Live | Data Privacy Priorities in 2024

Join Lisa McKee and Safia Kazi as they discuss the latest data privacy challenges, priorities and opportunities, and share insights from ISACA's latest Privacy in Practice 2024 research report.

27 Views • 17 days ago

Video

Leveraging Agile Concepts for Neurodiverse Auditors

In this ISACA Podcast episode, we’ll delve into how leveraging Agile concepts can mitigate common challenges neurodiverse auditors face in the workplace. Neurodivergent auditors can bring a fresh and dynamic energy to projects if given appropriate accommodation. Join us as ISACA's Robin Lyons chats with Program External Audit IT Program Manager Amanda Tucker as they explore small changes that can significantly impact not only neurodiverse individuals on your team but the entire team itself.

18 Views • last year

Video

Improving Security While Enabling Market Access With a CCF

Software-as-a-Service (SaaS) providers continue to face increasing customer demand to attain security compliance certifications that demonstrate commitment to security, privacy, confidentiality, and more. Pursuing every national and international certification individually results in a repetitive cycle of ongoing walkthroughs, interviews, testing, and evidence requests (i.e., audits). A central CCF can be considered a one-stop shop response to the complex alphabet soup of compliance standards on the market today. In this ISACA Podcast episode, ISACA's Chris McGowan listens in as James Huang, Global Cloud Compliance Senior Manager explains why having a central CCF can help various product engineering teams meet their security compliance needs and understand the level of effort required for each compliance certification.

24 Views • last year

Video

Issue Management Confidential: Tools and Best Practices for Improving IT Issue Management

Effective IT issue management is crucial for organizations to mitigate financial loss, reputational damage, and operational disruptions. Issue management tools streamline the process by tracking and resolving issues, while risk rating helps prioritize responses based on their impact and likelihood. In this ISACA Podcast episode, ISACA's GRC Professional Practices Principal, Lisa Cook chats with IT Risk Manager, Eric Peck about why acknowledging and addressing high-risk issues with a structured approach empowers organizations to protect themselves and ensure compliance in today's complex regulatory landscape.

40 Views • last year

Video

ISACA Podcast | Minimizing Risk and Audit Requests

With the increasing demand for audits and risk assessments, artifact requests will not be going away anytime soon. However, the burden these activities bring to the organization can be drastically reduced when audit and risk work together. In this ISACA Podcast episode, Paul Phillips, Director of Event Content Development at ISACA, hosts Staff Governance, Risk, and Compliance Analyst, Benjamin Bartz. Ben takes a deeper dive and elaborates on some of the must-haves for this partnership to live to its full potential.

25 Views • last year

Video

ISACA Live: Generative AI: Risks, Opportunities and Critical Next Steps

AI expert and author Raef Meeuwisse will share insights from ISACA's brand-new generative AI research and outline the top concerns, opportunities and next steps organizations should be taking.

18 Views • last year

Video

Exploring the Benefits of Neurodiversity within Cybersecurity

Neurodiversity within cybersecurity offers many benefits but requires organizations and hiring managers re-evaluate hiring practices and job descriptions typically structured for neurotypical applicants. Join ISACAs Director of Professional Practices and Innovation as he hosts a conversation with a company helping to remove barriers and maximize the value neurodiverse talent bring to cybersecurity.

31 Views • last year

Video

Cultivating Inspired Leaders with Kristi Hedges

If we want people to bring their most creative, innovative selves to work, we need to cultivate a culture where inspiration is given, encouraged, and fostered. In this ISACA Podcast, Kristi Hedges, executive coach, and leadership development consultant, speaker, and author, gives a sneak peek of her upcoming member-exclusive 'Cultivating Inspired Leaders, a CPE-eligible event. At the event, Kristi Hedges will provide a roadmap for building an inspired mindset for leaders, teams, and individuals. Register for this ISACA event at http://h0snu.hataselektrik.com/membership/member-exclusive-speaker-series

17 Views • last year

Video

ISACA Live | CMMI Mythbusting: Misconceptions vs. Realities

ISACA's COO Simona Rollinson and CMMI Lead Appraisers discuss common misconceptions around CMMI and what the reality is. Think CMMI is only for large organizations? Think again. Is CMMI only for government contractors or software development companies? No! Organizations from all industries across the globe are using it. Watch for more! For more information, visit: http://cmmiinstitute.com/

119 Views • last year

Video

Internal Audits That Create Stakeholder Value Adopting an Agile Mindset

Agile Scrum is a lightweight framework that promises to significantly improve internal audits by creating a mindset that generates stakeholder value through adaptive solutions for complex auditing problems. This mindset is needed as organizations face unprecedented changes and pressures in today's business landscape. Internal audits must keep leaders informed and aware of potential risks. Such a mindset addresses some of the often-experienced auditing challenges such as a lack of senior management support, insufficient audit preparation time, difficult auditees and lack of time needed to write audit results. Featuring special guest Thomas Bell and hosted by ISACA's Robin Lyons.

204 Views • last year

Video

Strategies for Avoiding Burnout

Chronic workplace stress can lead to burnout, which poses a significant risk to the mental health of busy professionals, such as auditors. But how can these professionals protect themselves from burnout? And how can their employers help them do so? If you are interested in learning the answers to these questions, then watch as ISACA’s Robin Lyons and Dr. Elena Klevsky, Assistant Professor of Accounting at the University of Tampa, discuss strategies for avoiding burnout. Inspired by the Sustainable Model of Human Energy proposed by Ryan Quinn, Gretchen Spreitzer and Chak Fu Lam, these strategies focus on managing your personal energy by increasing resources, decreasing job demands, practicing skills and tasks, and monitoring energy. Properly implementing these strategies has the potential to help busy professionals ensure that they have sufficient resources to meet their job demands, and, therefore, increase the likelihood that they feel energized instead of exhausted.

219 Views • last year

Video

The Danger of Distraction in Augmented Reality

While users of technology are becoming more educated in how to avoid cyberattacks such as phishing, a distracted user might be more prone to missing signs of social engineering. This project explored whether users immersed in augmented reality applications were more inclined to fall for an on-screen text message that prompted familiarity (such as a friend calling in) or urgency (such as a warning to update software or be subject to an automatic device re-boot within a certain timeframe). Featuring special guest Sarah Katz and hosted by ISACA's Collin Beder.

161 Views • last year

Video

Managing Human Risk Requires More Than Just Awareness Training

A comprehensive information security awareness program must be in place to ensure that employees are aware of and educated about the threats they may encounter at the workplace. The workforce needs to be prepared to know how to respond to these threats. It all starts with a risk assessment to identity the most critical of risks that need to be mitigated through preparedness. Making security a part of the organization’s culture reduces these risks to an acceptable level. Featuring special guest Chris Madeksho and hosted by ISACA's Lisa Cook.

202 Views • last year

Video

Preparing for Interruptions, Disruptions and Emergence Events

This podcast speaks about how an Information Systems (IS) Auditor can prepare for the Interruptions, Disruptions and the Emergence events that happen to the business and to technology. Describing the features of Interruptions, Disruptions and Emergence events and distinguishing the differences between them, special guest Anantha Sayana outlines how the IS Auditor can prepare, react, and contribute to all the three. Hosted by ISACA's Hollee Mangrum-Willis.

401 Views • last year

Video

IS Audit in Practice: Data Integrity On Demand

On this podcast, ISACA's Hollee Mangrum-Willis and special guest Cindy Baxter discuss the disparities between American communities and access to electronic health records. From there, they examine how key data insights from the ISACA community can help us all be healthier.

205 Views • last year

Video

Processes of Engagement with Scott Gould

Scott Gould is the author of 'The Shape of Engagement: The Simple Process Behind how Engagement Works.' In this podcast, Scott gives a sneak peak at his upcoming member-exclusive, CPE-eligible event. Scott will discuss the essential frameworks for understanding and operationalizing engagement and building enduring connections with your networks and communities.

241 Views • last year

Video

Delivering Security Value to Product Teams Using the Power of Data

In security, aligning with product teams has never been more important, especially when outmaneuvering adversaries. To foster a truly productive and action-oriented cybersecurity culture, security teams must begin addressing their product engineering counterparts as customers they serve rather than entities they govern. In this podcast, ISACA’s Chris McGowan listens in as Adobe’s Manager of Adversary Intelligence Gurpartap “GP” Sandhu provides unique insight into how he’s bringing intrapreneurship to life in product security through a key project that delivers actionable data that product teams can use to enhance their security posture more rapidly. They’ll also discuss how his team is harnessing strong adversary focus using the power of data and share advice on how you can stay ahead of adversaries by better predicting their next move in the ever-changing threat landscape. Tune into this ISACA Podcast to learn more! Check out more from Adobe, http://www.adobe.com/trust.html For more ISACA podcasts, h0snu.hataselektrik.com/podcasts

160 Views • last year

Video

AI Ethics and the Role of IT Auditors

We, as a society, have always lived by certain norms that are driven by our communities. These norms are enforced by rules and regulations, societal influence and public interactions. But is the same true for artificial intelligence (AI)? In this podcast we discuss and explore the answers to some of the key questions related to the rapid adoption of AI, such as: What are the risks associated with AI and the impact of its increasing adaption within almost every industry? And, what role should we as IT Auditors should play in this fast changing technological landscape? Hosted by ISACA's Hollee Mangrum-Willis and featuring special guest Jai Sisodia.

502 Views • last year

Video

Using a Risk-Based Approach to Prioritize Vulnerability Remediation

Organizations today struggle with vulnerability management. More specifically, remediating vulnerabilities in a timely manner poses a challenge. With vulnerability remediation backlogs growing at an alarming rate, what can organizations do to meet their established remediation timelines and to protect the organization from cybersecurity threats. Cybersecurity leader Ray Payano will discuss the exponential increase in published vulnerabilities, the lack of resources in cybersecurity to perform remediation and balancing remediation with reduced maintenance windows. These challenges contribute to organizations struggling with remediation backlogs. Ray will explain how calculating vulnerability risk can help organizations prioritize their vulnerabilities based on risk level to help determine the order in which vulnerabilities are addressed. Hosted by ISACA's Chris McGowan.

324 Views • last year

Video

The True Cost of a Data Breach

Guests Jack Freund and Natalie Jorion discuss the need for additional data for quantitative risk analyses and methods to derive that data when it does not exist. They cover how this was done in the past and their updated method for interpolation of such data from record losses and other firmographic data. They end with a discussion of the role of model validation and how it can enable reliable risk management decision making. Hosted by ISACA's Safia Kazi.

270 Views • last year

Video

2023 IT Compliance and Risk Benchmark Report

Are you wondering about the ever-changing landscape of IT compliance and risk management? Look no further. Hyperproof, a leading SaaS compliance operations provider, conducts an annual survey of over 1,000 IT risk, compliance, and security professionals to uncover their top challenges. Tune in to this exclusive episode to hear about the top five most important statistics uncovered from the survey and get an overview of how your industry peers are managing IT risk and compliance programs within their organizations. We’ll cover: ● The top five findings from the survey ● How your peers are planning to handle compliance, audit management, and risk management in the midst of this year’s volatile economy ● What companies are doing differently in response to recent and highly publicized security breaches to avoid security lapses and compliance violations Download Hyperproof’s 2023 IT Compliance and Risk Benchmark Report http://hyperproof.io/it-compliance-benchmarks/

241 Views • last year

Video

What Kind of Glasses Are You Wearing? Your View of Risk May Be Your Biggest Risk of All

The world of business has changed dramatically over the past few years. Our digital world is more connected than ever, leaving security and technology teams stretched even thinner. Privacy and data regulations are increasing on a state and national level, threat actors are learning and evolving, and cybersecurity has finally become a boardroom priority! Now that you have leadership’s attention- what will you do? If your answer is “risk management as usual”, that may be holding you back. Traditional risk management approaches make a lot of promises, but most of them are myths. Do any of these sound familiar? ● You can make better-informed decisions by using a single platform. ● You can use automation to achieve continuous compliance. ● You can implement risk management by creating a risk register. ● You can use qualitative attributes to measure and assess risk. In this episode, we’ll assess risk management myths and discuss how to establish scalable, quantifiable, and always-on risk management for the future. Hosted by Lisa Cook and featuring special guest Meghan Maneval.

264 Views • last year

Video

How Organizations Can Consistently Reduce Cyberrisk

Cyber threats are now a “clear and present danger” to most organizations, companies and governments of the world. A good cyber defense involves many, intricate layers. You can never have enough layers, just like you can never remove all the risk. In order for organizations to reduce as much risk as possible, in a rapidly shifting threat landscape, they must constantly make improvements. The threat groups are making rapid improvements and increasing their expertise at a steady rate. They are investing in R&D and Zero-Day exploits. To offer a good defense, we must make progress at the same rate as the threat groups or we may fall behind, increasing risks and allowing the cyber world to become like the “wild-wild west.”

173 Views • last year

Video

Key Considerations for Conducting Remote IT Audits

Conducting adequate preparation including risk assessments, assessing resource requirements and ensuring ongoing communication to harness both the benefits and to address the potential challenges faced when conducting hybrid or fully virtual audits.

210 Views • last year

Video

Understanding and Assessing Organization Culture

Organizational culture is crucial because it shapes behaviors and attitudes in the workplace, which can profoundly impact operations and overall success. However, it is sometimes difficult for CISOs and other infosec managers to fully understand their culture because they are inside it constantly. In this ISACA Podcast episode, author and journalist Mark Tarallo chats with ISACA's Safia Kazi about how infosec managers can assess the organizational culture by using a culture model to examine the behaviors, relationships, attitudes, values, and environment that the culture sustains. It also discusses possible ways to lead a culture change initiative. To read Mark's full ISACA Journal article, "Understanding, Assessing, Aligning and Transforming Organizational Culture," click the link http://h0snu.hataselektrik.com/organizational-culture For more ISACA Podcasts: http://h0snu.hataselektrik.com/podcasts

176 Views • last year

Video

Seven Things to Know Before Automating IT General Control Audits

This podcast is a practical discussion with two IT Internal Auditors, Frans Geldenhuys and Gustav Silvo, that have automated IT General Controls across their highly diversified and decentralized group. They will share some of the pitfalls they have experienced in their automation roll out and advise on how to avoid or manage these pitfalls with host, Robin Lyons. Check out Frans and Gustav’s full ISACA Industry News article, “Seven Things to Know Before Automating IT General Control Audits,” http://h0snu.hataselektrik.com/automating-it-general-control-audits For more ISACA Podcasts, http://h0snu.hataselektrik.com/podcasts

280 Views • last year

Video

Industry Spotlight - Julia Kanouse

Get to know Chief Membership and Marketing Officer Julia Kanouse as she sits down with childhood best friend and ISACA VP Amanda Raible. The duo discuss everything from leadership to motherhood while competing in Mario Kart! Tune in!

142 Views • last year

Video

ISACA Live | Measuring & Communicating Cyber Capabilities

There are many standards describing cybersecurity outcomes to achieve and capabilities to implement, but what does success look like, and how do we know if we’re doing enough? In this video, Kelly Hood, CDPSE, Cybersecurity Engineer at Optic Cyber Solution, shares different types of measurements, such as metrics and performance indicators, to help you understand how and when to use each of them when measuring your cyber capabilities and communicating the outcomes of your cybersecurity programs.

207 Views • last year

Video

What Is Your IP Address Cybersecurity IQ? The Role of IP Address Data in a Digital World

There are literally thousands of VPN services on the market. Some are undeniably benign, but others offer a slate of features that are friendly to cyber criminals. Keeping your network safe from hackers requires you to understand the VPN market, and make decisions based on your company’s appetite for risk. Fortunately, by analyzing IP address data associated with these devices, security professionals can get access to a wealth of VPN contextual data that helps them distinguish between perfectly legitimate providers and those that turn a blind eye toward crime. In today’s world, it is vital for security professionals to know how to leverage IP address data and its contextual insights to protect enterprise networks.

192 Views • last year

Video

ISACA Live | The Equity Gem: Actionable Steps to Help Close the Equity Gap

In celebration of International Women's Day, themed #EmbraceEquity, Limor Bergman and Willena Lon will share tips on actionable steps to help close the equity gap.

63 Views • last year

Video

Conference Chats with Chelsey & Robyn

Tune in to listen to ISACA’s very own Chelsey Byrd and Robyn Franko as they discuss the upcoming fun at ISACA Conference North America 2023: Digital Trust World. Listeners will get some insider information into future conferences and some laughs as the ladies discuss past, present & future ISACA events! Additional event information can be found http://h0snu.hataselektrik.com/training-and-events/isaca-digital-trust-world-conference

129 Views • last year

Video

Eight Cybersecurity Trends to Watch for in 2023

With the start of a new year, it is a key time for all organizations, small through enterprise, to examine their IT infrastructure and review cyber security policies. With the new digital transformations and an evolving regulatory landscape, organizations are more prone to cyberattacks. In fact, statistics released in Nov 2022, show that approximately 52 million data breaches occurred globally during the second quarter of this year alone. So what do businesses need to know to be able to try and mitigate these issues?

334 Views • last year

Video

Measuring Security Resilience from the Lens of the Adversary Community

In a world where adversaries are constantly adapting to improve tactics, techniques, and procedures (TTPs), it is crucial to understand the unique traits and goals of various types of adversaries that actively seek to cause harm to an organization. The personification of these threats will ultimately help measure resilience against specific threat actors, identify investment and hardening opportunities, and improve trust with customers. In this podcast, Daniel Ventura, Manager of Product Security Incident Response Team (PSIRT), shares insight into Adobe’s approach to adversary personification as well as provides guidance on how you can better measure the security resilience of your products. He’ll also talk about Adobe’s bug bounty program which helps his team identify new trends in adversary interest and defend against real incident response events.

106 Views • last year

Video

The Future of Technology Risk: 4 Ways to Build Stakeholder Trust in the Technology Risk Imperative

Today, the pace of change across industries is quicker than ever before. Economic, political, and social unrest and a global climate crisis have placed unprecedented disruption and pressures on organizations looking to navigate a rapidly changing environment. Firms are being out-innovated and entire industries are being disrupted in a matter of months or years, as opposed to decades. Shifting regulations, data as an asset, dynamic customer behavior and employee expectations of continued flexibility in a more virtual workplace add to the challenge. Technology risk and compliance needs to adjust to this new reality. The strategy and value of an organization’s technology risk management are becoming essential to build and secure stakeholder trust. That means moving closer to the point where the risk events occur and using preventative, detective, and automated controls as much as possible. In this podcast, Beth McKenney, a Principal in the KPMG Technology Risk service network, offers a game plan for companies to meet these today’s challenges with an eye on building stakeholder trust. That means having a proactive, rather than a reactive, approach to risk management.

101 Views • last year

Video

Risky Business – Jon Brandt

For the average person, life moves quickly. But for business leaders and anyone involved in any aspect of IT, the pace at which technology is changing is overwhelming. Technology can help businesses and individuals do more with less and increase profit margins. However, technological advances carry tremendous risk and increase the criticality of risk management. No longer can business and personal use of technology be viewed in siloes. ISACAs Director of Professional Practices and Innovation, Jon Brandt, is joined by Ryan Cloutier as they discuss some of the latest headlines and impact to intellectual property.

174 Views • last year

Video

Advertising Information Security

In this episode, executive principal at Risk Masters International’s Steven Ross discusses why vendors of IT products and services are advertising information security, why businesses are not advertising their security and how to use information security as a component of organizations’ public images with host Safia Kazi.

155 Views • 353 days ago

Video

Building Digital Trust Through Advocacy

If you thought ISACA was only about certification and education, get ready to listen to this podcast and see how ISACA advocates for the IT Audit and Risk Management professions! Join Cindy Baxter, author of the Audit in Practice column in the ISACA Journal, as she interviews two members of the ISACA New England Board of Directors who attended ISACA’s Hill Day in Washington DC. Hear how they met with their government representatives and with ISACA’s help, discussed legislation that supports our profession! It’s an opportunity to think about the impacts you can have in your own back yard and with civic leaders!

130 Views • 355 days ago

Video

Rethinking Identity Governance

SaaS is eating the world even more than we think. Companies are dealing with SaaS sprawl: hundreds of apps distributed across different owners that store sensitive data and which are used to orchestrate critical business workflows. Security-minded teams are turning to external compliance frameworks to help protect their customers and data. However, traditional identity governance controls have fallen short of delivering real security outcomes in this digital-first world. They’re missing a critical piece: automation. In this episode, ConductorOne’s CEO and Co-Founder, Alex Bovee joins this episode to discuss why we need to change the way we think about compliance and risk and what a security-led governance program could look like. Learn more about ConductorOne at http://www.linkedin.com/company/conductorone/ or http://www.conductorone.com/blog/automating-compliance-controls-least-privilege-access/

236 Views • 362 days ago

Video

2023: The Year of Risk

A review of the events of 2022 shows that 2023 will not be the year of dire new cyber attacks waged by hoodie-wearing cyber criminals or office-bound nation-state APTs. Instead, 2023 will be when multiple regulatory bodies express their mounting frustration with public and private companies' collective inability to reduce the volume and impact of prior cyber attacks. Tune into this ISACA Episode as Hyperproof’s Field CISO, Kayne McGladrey, speaks with ISACA’s Jeff Champion on how 2023 will be the year of risk. Learn more about Hyperproof at: http://twitter.com/Hyperproof http://www.linkedin.com/company/hyperproof/ http://www.instagram.com/hyperproof/ Additional Hyperproof Resources: http://hyperproof.io/resource/the-ultimate-guide-to-enterprise-risk-management/ http://h0snu.hataselektrik.com/resources/news-and-trends/isaca-now-blog/2022/three-key-predictions-for-2023-the-year-of-risk http://hyperproof.io/resource/risk-management-software-buyer-guide/ http://hyperproof.io/case-studies/pythian-uses-hyperproof-to-get-time-back-and-improve-its-risk-management-maturity/

341 Views • 363 days ago

Video

Improving Cyber Resilience in an Age of Continuous Attacks

We live in the age of continuous compromise. This podcast dives into why so many organizations continue to be breached even after spending money on cybersecurity point solutions. Many organizations gravitate towards silver bullet solutions without understanding the threat and impact. In this ISACA Podcast episode, Chris McGown speaks to Rex Johnson and Hamlet Khodaverdian about why a holistic and collaborative approach is absolutely critical to creating cyber-resilience. For more information check out h0snu.hataselektrik.com/improving-cyberresilience-in-an-age-of-continuous-attacks

292 Views • 1 year ago

Video

ISACA Live | Digital Trust Priorities for Privacy and Emerging Tech

ISACA Digital Trust Advisory Council Members Anne Toth and Michelle Finneran Dennedy will discuss privacy concerns and priorities around emerging tech and the most critical considerations for ensuring strong digital trust. Visit hataselektrik.com/privacy-month-2023

344 Views • 1 year ago

Video

ISACA Live - Career Changing Impact of Mentorship

To celebrate International Mentorship Day in January, we are hosting an ISACA Live hosted by Liz Pisney, with panelists Veronica Rose (ISACA Board Director) and career expert Caitlin McGaw.

188 Views • 1 year ago

Video

Information Privacy Contradiction: Interest-Based Posture of Compliance and Violation

Why do individuals, organizations, institutions, nations, or responsible agents work hard to preserve their personal and enterprise data, personnel information, trade secrets, intellectual properties, technical know-how, or national data, yet easily trade on the individual and enterprise data and national data of others? To understand and answer the question appropriately, one must examine the underlying of the Information Privacy Realities Contradiction Theory (IPRCT), which is integral to (1) our natural unity of opposites, (2) our material dialectic mechanism or struggle of choosing from the opposites, and (3) the role of our self-interest in time and circumstance. Therefore, understanding the intricacies of the IPRCT would be instrumental to the proper and timely introduction of privacy requirements early in our system development lifecycle and in the development and enactment of information privacy policies, directives, guidance, and regulations around the world. In this ISACA Podcast episode, Safia Kazi host Dr. Patrick Offor, Chief Warrant Officer Five Retired (CW5(R)); Associate Faculty, to discuss his recently released ISACA Journal article. To read Dr. Offor’s full article, please visit http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2022/volume-6/the-information-privacy-contradiction. To listen to more ISACA podcasts, please visit h0snu.hataselektrik.com/podcasts.

272 Views • 1 year ago

Video

Should Cybersecurity Be Subject to a SOX-Type Regulation?

Numerous laws and regulations have been passed to protect sensitive information, both at the federal and state level, creating a patchwork of requirements for companies to comply with. However, with limited resources for cybersecurity investment, this uncoordinated approach has clouded objectives and led to decision paralysis within firms. Could cybersecurity implementation benefit from a Sarbanes-Oxley Act (SOX) type approach? This approach would create a risk-based, internal control model focused on cybersecurity that includes enforcement capabilities and requires third-party oversight and executive accountability. To read Should Cybersecurity Be Subject to a SOX-Type Regulation? Please visit h0snu.hataselektrik.com/should-cybersecurity-be-subject-to-a-sox-type-regulation. To listen to more ISACA podcasts, please visit h0snu.hataselektrik.com/podcasts.

280 Views • 1 year ago

Video

Beware the Traps of Data Governance and Data Management Practice

Guy Pearce joins ISACA’s Lisa Villanueva for a conversation about the traps of Data Governance and management. Guy breaks down Lore vs. Data, reasons for not using information for decision-making and why data is a shared benefit for the organization. Stay tuned until the close to hear Guy’s advice on how to use metaphor when communicating technical concepts to executive leadership. To read Guy's full article, visit: To listen to more ISACA podcasts, please visit: h0snu.hataselektrik.com/podcasts.

281 Views • 1 year ago

Video

Convergence: Where Next?

ISACA’s Jeff Champion welcomes Steven Ross to the ISACA podcast. Steven asks what the effect of Convergence on the Control Community and concludes that everything is connected to every role, and it is becoming risky to have employees siloed within their own practice. He also remarks on how he once wrote an ISACA Journal article about companies creating a role for Chief Security Officer and now that is becoming a reality within the industry. Tune in now! To read Steven’s full-length article, visit: h0snu.hataselektrik.com/convergence-where-next. To listen to more ISACA podcasts, visit: h0snu.hataselektrik.com/podcasts

169 Views • 1 year ago

Video

Do Data Go to Waste

The Impact of SOX on the Industry 20 Years Ago and Today. Opponents of Sarbanes Oxley, (SOX) contend the law is too costly for companies to operationalize given the small benefit that SOX regulation provide. Proponents say that a world without SOX is a world in chaos. This article discusses how SOX measures up 20 years after the law was enacted. To read Cindy's ISACA Journal article, Do Data Go to Waste, please visit: h0snu.hataselektrik.com/do-data-go-to-waste. To listen to more ISACA Podcasts, please visit h0snu.hataselektrik.com/podcasts.

163 Views • 1 year ago

Video

Protecting Your Enterprise and Deterring Fraud in a New Risk Era

As uncertainty persists due to the COVID-19 pandemic, the war in Ukraine, international cyberthreats, inflation, and a looming recession, it is clear that the world has entered a new era of risk. These factors have created the perfect storm for rising fraud. In the past year, unauthorized digital account openings increased by 21%, while smartphone-related cyberattacks soared by 71%, reflecting a changing threat landscape impacting enterprises and consumers alike. According to one global survey, nearly half of all respondents experienced fraud in the past 24 months, 3 compromising financial resources, personal data, and peace of mind with frightening rapidity. Recent research we have completed also reflects that “60% of Consumers Don't Believe Companies Do Enough to Protect Their Data as Demand for Security Grows". Listen to the CEO of GBG Americas, Christina Luttrell, as she explains that, as a result, identity verification is a priority for organizations and government agencies that view it as a strategic differentiator that allows them to enhance the customer experience while improving their defensive posture at a critical time in this ISACA podcast episode. To read the ISACA Journal article, Protecting Your Enterprise and Deterring Fraud in a New Risk Era, please visit: http://h0snu.hataselektrik.com/protecting-your-enterprise To listen to more ISACA Podcasts, please visit h0snu.hataselektrik.com/podcasts.

313 Views • 1 year ago

Video

The Circle of Failure: Why the Cyber Security Industry Doesn’t Work

Richard Hollis, Director of Rick Crew, is serious about asking the tough questions. ISACA’s Jon Brandt welcomes him to the ISACA podcast to have a conversation that challenges the status quo: Does the Cyber Security Industry work? After decades of experience in the security industry, Richard asks, “have I affected any change?” Richard points out that if we buy a toaster at the store and it doesn’t work, we return it, but as security professionals, we don’t hold products to the same standards. Why is this? Jon and Richard go back and forth on FUD, vendors, false positives, and where accountability lies in the industry. Join Richard and Jon in the conversation to think about how we can affect the positive change that we want to see in our industry in the future! To read Richard's full report, please visit h0snu.hataselektrik.com/the-circle-of-failure. To listen to more ISACA podcasts, visit h0snu.hataselektrik.com/podcasts.

525 Views • 1 year ago

Video

Taking Security Strategy to the Next Level: The Cyber Kill Chain vs. MITRE ATT&CK

In an era of rampant ransomware and other malicious cyberattacks, it’s mandatory to double down on cybersecurity analysis and strategy to ensure an optimal security posture and the protection of critical assets and data. Today, two models can help security professionals harden network resources and protect against modern-day threats and attacks: the cyber kill chain (CKC)and the MITRE ATT&CK framework. Tim Liu, long-term security technologist, co-founder, and CTO, will provide an overview of these two frameworks and the limitations or benefits of each approach. To read Taking Security Strategy to the Next Level, please visit: h0snu.hataselektrik.com/taking-security-strategy-to-the-next-level To listen to more ISACA podcasts, please visit: h0snu.hataselektrik.com/podcasts

448 Views • 1 year ago

Video

Auditee Buy-In—A Key Component of Effective Audits

As you plan and execute your audit, do you take time to invest in the stakeholder relationship? This can be an often-overlooked element but essential in an effective audit. Tune into this ISACA Video Podcast as Steve Jackson, IT Audit Manager at Airbnb, chats with ISACA’s Robin Lyons about ways to gain auditee buy-in and have a successful and effective audit. To read Steve’s full-length article, “Auditee Buy-In—A Key Component of Effective Audits,” visit h0snu.hataselektrik.com/auditee-buy-in For more ISACA Podcasts, please visit: h0snu.hataselektrik.com/podcasts

430 Views • 1 year ago

Video

Breaking Down the ESET T2 2022 Threat Report

In this ISACA Podcast episode, ESET’s Chief Security Evangelist, Tony Anscombe, joins ISACA’s Principal, Emerging Technology Professional Practices, Collin Beder to discuss ESET’s recently released T2 2022 Threat Report. As a global leader in cybersecurity, ESET’s T2 2022 Threat Report summarizes the most notable trends that have shaped the threat landscape for the past four months. This report dives into CloudMensis, the previously unknown macOS malware discovered by ESET researchers. To read the full ESET report: http://www.welivesecurity.com/wpcontent/uploads/2022/10/eset_threat_report_t22022.pdf. For more information, check out ESET’s award-winning blog: WeLiveSecurity. Make sure to follow ESET Research on Twitter for the latest news from ESET Research. To listen to more ISACA Podcasts, please visit h0snu.hataselektrik.com/podcasts.

162 Views • 1 year ago

Video

Enabling Digital Trust through Canada's Digital Charter

Data are the lifelines of a digital economy. They drive innovation, enabling cutting-edge research and next-generation technologies, including artificial intelligence (AI), robotics, and the Internet of things (IoT). But these opportunities introduce new sources of risk that must be managed appropriately. Canadians are raising important questions such as, “How will personal data be used?” and “What controls are in place to safeguard privacy and security?” To encourage innovation within the digital economy while managing this risk, the Government of Canada has established the need for digital trust between citizens and organizations as an enabler by implementing a Digital Charter. As the Canadian government cites, “Trust is the foundation on which our digital and data-driven Canadian economy will be built.” This digital trust is defined by the “confidence that users have in the ability of people, technology, and processes to create a secure digital world. Tune into this ISACA Podcast as the Acting Director of Internal Assurance at the Office of Enterprise Risk & Assurance of the University of British Columbia (UBC), Mary Carmichael, join’s ISACA’s Safia Kazi to explore topics including what is the Digital Charter and how it supports digital trust; what are critical elements of the Digital Charter (e.g., AI Ethics, Privacy, Principles for the Digital Economy); what are the implications for organizations and the public. To read Mary’s full-length article, visit http://h0snu.hataselektrik.com/enabling-digital-trust-with-canadas-digital-charter. To listen to more ISACA podcasts, visit http://h0snu.hataselektrik.com/podcasts.

160 Views • 1 year ago

Video

It's About (Down) Time

It is all about the system's downtime. In this ISACA Podcast episode, Risk Masters International's Steven Ross tells ISACA's Collin Beder that organizations should start focusing on hours of unavailable systems and data when measuring the cost of a cyber-attack. Steven also discusses the causes and targets of system downtime and why he thinks the IT world is currently living in a dangerous time. To read Steven's full-length article, visit: h0snu.hataselektrik.com/its-about-down-time To listen to more ISACA Podcasts, visit: h0snu.hataselektrik.com/podcasts

179 Views • 1 year ago

Video

How Social Engineering Bypasses Technical Controls

We are subjected to phishing scams almost every day, and even the most seasoned professional must examine an email to ensure the links included are safe. Brown University and Federal Reserve Bank of Cleveland's Allen Dziwa says people are the weakest link and that customized messaging using regional language for targeted attacks are becoming more prevalent. Allen breaks down the many types of attacks (phishing, spear phishing, smishing, vishing, whaling) with ISACA's Kevin Keh. Tune into this ISACA Podcast to learn how to be vigilant when facing potential attacks from scammers. To read Allen’s full article, please visit: h0snu.hataselektrik.com/how-social-engineering-bypasses-technical-controls To listen to more ISACA Podcasts, please visit: h0snu.hataselektrik.com/podcasts

481 Views • 1 year ago

Video

What Makes Risk Assessments So Unpleasant and How to Change That

Ryan Cloutier's child came home from school one day and told him that he had figured out the staff Wi-Fi password. Frustrated that the security wasn't better for a school network, Ryan decided to do something about it. Since then, his career has been focused on serving K12, local government and socio-economically disadvantaged communities with his company Security Studio. ISACA's Jeff Champion asks him about ways to overcome technical language barriers when completing risk assessments, and Ryan discusses key issues with risk assessments and a path forward to resolving them. Tune in to start thinking about more interesting ways to approach risk assessments! To read Ryan's full-length article, visit: h0snu.hataselektrik.com/what-makes-risk-assessments-so-unpleasant To listen to more ISACA Podcasts, visit: h0snu.hataselektrik.com/podcasts

291 Views • 1 year ago

Video

ISACA CyberPros – Naomi Buckwalter

Executive Director of Cybersecurity Gatebreakers Foundation, Naomi Buckwalter, joins ISACA’s Jon Brandt to discuss burnout. There are many factors at play when discussing burnout: company culture, work-from-home flexibility, unrealistic expectations from supervisors, and industry pressure, but Naomi gives you multiple action plans for combatting workplace burnout and creating healthy boundaries with your colleagues. Tune into this ISACA Podcast now! To learn more about Naomi, please visit: http://www.linkedin.com/in/naomi-buckwalter/ To listen to more ISACA podcasts, please visit: h0snu.hataselektrik.com/podcasts

808 Views • 1 year ago

Video

Quantifying the Qualitative Risk Assessment

In this ISACA podcast episode, IT Risk Director and Senior Vice President Mike Powers, joined by IT Segment Risk Manager Julie Ebersbach to discuss the use of the qualitative risk assessment as part of an organization's enterprise risk framework, focusing on the use of data to inform subjective judgments. The value and accuracy of a qualitative risk assessment, based on subject matter expert judgment, can be improved with focused data. Tune in now to hear Mike and Julie chat with ISACA’s Jeff Champion about how using quantifiable data increases the reliability, accuracy, and credibility of the qualitative risk assessment. To read Quantifying the Qualitative Technology Risk Assessment, please visit: h0snu.hataselektrik.com/quantifying-the-qualitative-technology-risk-assessment To listen to more ISACA Podcasts, please visit: h0snu.hataselektrik.com/podcasts

495 Views • 1 year ago

Video

Industry Spotlight with Ali Pabrai

There is no denying the passion that ecfirst's CEO, Ali Pabrai has for cybersecurity. In this ISACA Podcast, Ali tells ISACA's Hollee Mangrum-Willis that after all his years in the industry, he is still more excited than a two-year-old at the entrance to Disneyland. Listen in as Ali discusses his origin story as a first-generation American working for Fermi National Accelerator Laboratory, creating a startup soon after the new millennium and how he has balanced all his career accomplishments while raising a neurodivergent child. Tune in now to hear about why Ali thinks we should compare the human body to cybersecurity and much more! To learn more about Ali, please visit: http://www.linkedin.com/in/pabrai/ To learn more about OneInTech, please visit: www.oneintech.org To listen to more ISACA Podcasts, please visit: h0snu.hataselektrik.com/podcasts

487 Views • 1 year ago

Video

How to Mature Your Privacy Compliance Program: A Conversation With OneTrust DPO Linda Thielova

Compliance with the world’s ever-increasing list of privacy laws can be a tricky undertaking for any organization, but by taking a few simple steps, you can begin to mature your privacy program from a series of check-box exercises into an intelligent compliance program that can help organizations to build consumer trust and protect brand reputation. Join this conversation with OneTrust DPO Linda Thielova and ISACA's Paul Phillips to learn how to operationalize privacy compliance within your organization and get practical tips on how to mature your privacy compliance program.

330 Views • 1 year ago

Video

Managing Cybersecurity Risk as Enterprise Risk

Cybersecurity incidents like ransomware can potentially bring operations to a standstill. Recent regulatory changes by the FTC and proposed changes by the SEC show that both agencies are drafting cybersecurity rules similar to ERM concepts. This would include board oversight of cybersecurity and the responsibility of senior management to implement cybersecurity policies and procedures and provide training for information security staff that is sufficient for them to address relevant security risks. In addition, this could mean that your organization may be required to report incidents and disclose cybersecurity policies and procedures. Tune in to this ISACA Podcast episode to listen in as Cyber Defense Labs’ Manager of Cybersecurity Advisory Services Tom Schneider tells ISACA’s Jeff Champion that any threat to this essential information is an enterprise risk that needs to be managed by the enterprise through teamwork, with leadership from both the board and senior management. Tom also gives insights into managing cybersecurity risk as an enterprise risk. To read Managing Cybersecurity Risk as Enterprise Risk, please visit: h0snu.hataselektrik.com/managing-cybersecurity-risk-as-enterprise-risk. To listen to more ISACA Podcasts, please visit: h0snu.hataselektrik.com/podcasts.

501 Views • 1 year ago

Video

Implementing Artificial Intelligence: Capabilities and Risk

University of Florida's Ivy Munoko is passionate about AI and has plenty to share regarding implementation and usage, but ISACA's Collin Beder asks, "is it ethical"? Ivy breaks down the ethical considerations for AI and the four types of intelligence (Mechanical, Analytical, Intuitive, Empathetic), and she shares her take on why she thinks AI won't be replacing our jobs for a very long time to come. To read Ivy's article, please visit h0snu.hataselektrik.com/implementing-ai-capabilities-and-risk. To listen to more ISACA Podcasts, please visit h0snu.hataselektrik.com/podcasts.

270 Views • 1 year ago

Video

Audit in Practice: Auditing Culture

What’s The Risk LLC’s Cindy Baxter sits down with ISACA’s Robin Lyons to discuss auditing culture, which can be one of the most interesting areas to audit. We all have things we want out of our work environment like remote work, flexible hours or as Cindy comments: “I’d love to take my dog to work with me!”, but she and Robin question what is really important to workplace culture, and does it start with a “tone at the top”? Cindy gives advice on auditing approaches and key assessments when auditing as culture can be a critical part of an organization, making or breaking its effectiveness. To read Cindy’s full length article, please visit: h0snu.hataselektrik.com/auditing-culture To listen to more ISACA Podcasts, please visit: h0snu.hataselektrik.com/podcasts

368 Views • 1 year ago

Video

Incident Report & Continuous Control Monitoring

This episode of the ISACA Podcast is all about incident reporting. Lesotho Postbank's Relebohile Kobeli talks to ISACA's Collin Beder about mitigating risk, minimizing losses from events, and good communication. As Relebohile says: "as we carry out our daily tasks at work, we should always be proactive... and recognize abnormal behavior". Tune in now! To read Relebohile's full article, please visit: h0snu.hataselektrik.com/how-enterprises-can-leverage-incident-reporting To listen to more ISACA Podcasts, please visit: h0snu.hataselektrik.com/podcasts

165 Views • 1 year ago

Video

ISACA Live | Advancing Digital Trust Through IT

On National IT Professionals Day, ISACA's Kevin Keh explains how IT professionals can advance digital trust in their organizations and in their industries. Learn more at hataselektrik.com/digital-trust

190 Views • 1 year ago

Video

Industry Spotlight - Lisa Young

Netflix's Lisa Young started as a bank teller that learned tech by fixing and servicing ATMs, which transitioned to her joining the network ops field and leading her to "help organizations understand what could keep them from meeting their strategy, objectives or mission". After rough telecom layoffs, she re-educated herself with ISACA certifications and started leading a chapter, which included the honor of hosting an ISACA conference and she has developed content with ISACA's Paul Phillips. In this episode she sits down with Paul to discuss their shared work on ISACA-related projects, cyber careers and why you should be curious and ask how things work. Lisa loves the idea of continuous learning and asks, "what is a good next step for you?" To listen to more ISACA Podcasts, go to hataselektrik.com/podcasts Be sure to like, comment, and subscribe for more ISACA Productions content.

306 Views • 1 year ago

Video

ISACA Live | The Dark Future of Privacy

Privacy Mining will increase because of billions of IoT devices being connected every day. Combined with advanced psychologic research, this can be a very powerful tool for manipulating people's behavior. A Fake reality also poses a big threat to our future of privacy. Software, such as Deep Fakes, has the ability to use someone's facial structure and create fake videos featuring digitally created characters with an uncanny resemblance of real people, such as celebrities. This technology is so advanced, that our minds aren't sophisticated enough to comprehend the difference between real and fake data created by it, which leads to the next point. We are entering a trust crisis. Trust is the foundation for innovation and technological advance. If people don't trust autonomous cars - they won't use them; if people don't certain websites - they won't read their news; Without trust, we cannot move forward, which is why we need to raise awareness about the dark future of privacy.

105 Views • 1 year ago

Video

Foco de la industria - Arnulfo Espinosa Dominguez, Parte II

El vicepresidente del Capítulo Monterrey de ISACA y Director de Auditoría y Fraude de TI de uno de los Grupos Financieros más grandes de México, Arnulfo Espinosa Domínguez, se une a Jocelyn Alcantar de ISACA para compartir muchas cosas que ha aprendido durante sus 20 años de experiencia profesional en la industria. Habiéndose dado cuenta del valor de la información a una edad temprana, Arnulfo ha forjado su camino dentro de la comunidad de TI. Es un formador acreditado para múltiples certificaciones, asesor independiente y presidente de varios comités de Ciberseguridad, Riesgo y Auditoría, y es reconocido mundialmente por un apodo que sus compañeros le han dado, "El AudiTHOR". Como voluntario de ISACA desde hace mucho tiempo y orador de conferencias, Arnulfo ha sido premiado en numerosas ocasiones por sus destacados logros. En 2019, se le otorgó el "Premio al Líder de Capítulo Sobresaliente" (Outstanding Chapter Leader Award) de ISACA, en 2020, recibió el "Premio John Kuyers al Mejor Orador" (John Kuyers Award for Best), y recibió el mayor logro, el "Premio Salón de la Fama de ISACA" (ISACA Hall of Fame Award) en 2021. ¡Únase a la escucha de este episodio mientras Arnulfo ofrece sus mejores consejos y prácticas para convertirse en un orador excepcional, consejos sobre cómo los profesionales emergentes pueden entrar en la industria, y cómo su alter ego, AudiTHOR, alimenta su pasión por la auditoría! Para leer más sobre Arnulfo, visite h0snu.hataselektrik.com/resources/news-and-trends/isaca-now-blog/2020/iamisaca-from-rock-star-to-speak-star Para escuchar más Podcasts de ISACA, visite h0snu.hataselektrik.com/podcasts

225 Views • 1 year ago

Video

Ethical AI Shifting the Conversation Left

Many organizations prioritize goals such as gains and profits, which often require rich data sets, but fail to consider the eventual impact of their data handling methodologies on foundational social justice issues. ISACA's Collin Beder talks to Josh Scarpino about his recently released article Evaluating Ethical Challenges in AI and ML. Josh discusses issues such as ethical behavior, systemic issues and how to create trusted systems. Collin also asks what is the future for humans in regards to AI. Tune in now! To read Evaluating Ethical Challenges in AI and ML, visit: h0snu.hataselektrik.com/evaluating-ethical-challenges-in-ai-and-ml To listen to more ISACA Podcasts, visit: h0snu.hataselektrik.com/podcasts

98 Views • 1 year ago

Video

Foco de la industria - Arnulfo Espinosa Dominguez, Parte I

El vicepresidente del Capítulo Monterrey de ISACA y Director de Auditoría y Fraude de TI de uno de los Grupos Financieros más grandes de México, Arnulfo Espinosa Domínguez, se une a Jocelyn Alcantar de ISACA para compartir muchas cosas que ha aprendido durante sus 20 años de experiencia profesional en la industria. Habiéndose dado cuenta del valor de la información a una edad temprana, Arnulfo ha forjado su camino dentro de la comunidad de TI. Es un formador acreditado para múltiples certificaciones, asesor independiente y presidente de varios comités de Ciberseguridad, Riesgo y Auditoría, y es reconocido mundialmente por un apodo que sus compañeros le han dado, "El AudiTHOR". Como voluntario de ISACA desde hace mucho tiempo y orador de conferencias, Arnulfo ha sido premiado en numerosas ocasiones por sus destacados logros. En 2019, se le otorgó el "Premio al Líder de Capítulo Sobresaliente" (Outstanding Chapter Leader Award) de ISACA, en 2020, recibió el "Premio John Kuyers al Mejor Orador" (John Kuyers Award for Best), y recibió el mayor logro, el "Premio Salón de la Fama de ISACA" (ISACA Hall of Fame Award) en 2021. ¡Únase a la escucha de este episodio mientras Arnulfo ofrece sus mejores consejos y prácticas para convertirse en un orador excepcional, consejos sobre cómo los profesionales emergentes pueden entrar en la industria, y cómo su alter ego, AudiTHOR, alimenta su pasión por la auditoría! Para leer más sobre Arnulfo, visite h0snu.hataselektrik.com/resources/news-and-trends/isaca-now-blog/2020/iamisaca-from-rock-star-to-speak-star Para escuchar más Podcasts de ISACA, visite h0snu.hataselektrik.com/podcasts

159 Views • 1 year ago

Video

Why (And How to) Dispose of Digital Data

The stakes are too high for organizations not to comply with data privacy regulations,” Bassel Kablawi states in his article, "Why (and How to) Dispose of Digital Data." As the Information Security and Data Privacy Consultant for System Solutions, Bassel Kablawi has the knowledge and experience to determine that the value of data disposal can help an organization protect personal data from being exposed and why the final step in the Data Lifecycle could be considered the most crucial. Bassel takes us on a deep dive into digital data with ISACA's Safia Kazi on the five stages of data disposal in this ISACA podcast episode. He explains why it is essential to understand that destruction should be performed based on an organization’s retention policy and the five main disposal methods of data, which include date anonymization, data deletion, data crypto shredding (for encrypted data), data degaussing, and data destruction. Tune in to hear Bassel explain why data destruction is critical to developing digital trust with customers and stakeholders and could save an organization’s reputation. To read Bassel's article, please visit: h0snu.hataselektrik.com/resources/news-and-trends/industry-news/2022/why-and-how-to-dispose-of-digital-data To listen to more ISACA Podcasts, please visit: h0snu.hataselektrik.com/podcasts

236 Views • 1 year ago

Video

Industry Spotlight - Johann Dettweiler, Part II

Link to Part I: http://youtu.be/jWGT03ftV58 In this ISACA podcast episode, we connect with TalaTek Director of Operations Johann Dettweiler to discuss his almost two decades of experience across multiple industry fields, his involvement in FEDRAMP compliance, and why the next generation should focus on adding certifications to their resumes. Johann tells ISACA's Keith Karlsson that it was his work ethic and guidance of a trusted mentor that provided an opportunity in the IT security field. In less than 12 months, he racked up multiple impressive certifications such as CISSP, CCSP, and CEH that rapidly advanced his career and, as he explains it, allows him to be “the person that everyone hates because I tell you what is wrong with your system.” Johann’s strong background in research and his constant quest for knowledge about this evolving industry, he is more than willing to provide listeners with his efficiency hacks to stay productive, motivational career advice, and why the next-generation cyber professionals may have an advantage over him. Tune in now to meet Senior Security Information Security Consultant Johann Dettweiler. To learn more about Johann, visit http://talatek.com/project/johann-dettweiler/ To listen to other ISACA Podcast episodes, visit h0snu.hataselektrik.com/podcast

201 Views • 1 year ago

Video

Industry Spotlight - Johann Dettweiler, Part I

Link to Part II: http://youtu.be/Dhr-VAFid-E In this ISACA podcast episode, we connect with TalaTek Director of Operations Johann Dettweiler to discuss his almost two decades of experience across multiple industry fields, his involvement in FEDRAMP compliance, and why the next generation should focus on adding certifications to their resumes. Johann tells ISACA's Keith Karlsson that it was his work ethic and guidance of a trusted mentor that provided an opportunity in the IT security field. In less than 12 months, he racked up multiple impressive certifications such as CISSP, CCSP, and CEH that rapidly advanced his career and, as he explains it, allows him to be “the person that everyone hates because I tell you what is wrong with your system.” Johann’s strong background in research and his constant quest for knowledge about this evolving industry, he is more than willing to provide listeners with his efficiency hacks to stay productive, motivational career advice, and why the next-generation cyber professionals may have an advantage over him. Tune in now to meet Senior Security Information Security Consultant Johann Dettweiler. To learn more about Johann, visit http://talatek.com/project/johann-dettweiler/ To listen to other ISACA Podcast episodes, visit h0snu.hataselektrik.com/podcast

463 Views • 1 year ago

Video

Achieving Effective Cloud Risk Management

Cloud is ubiquitous now. From small enterprises to large companies, all are moving a part of their technology operations to cloud. Initial reluctance is now nowhere to be seen. There is more confidence among the user for the use of cloud technology. Join ISACA’s Jeff Champion as he talks with Risk and Control Specialist, Upesh Parekh about cloud deployment models, the various risks involved with cloud storage, and what to know when using cloud technology for an organization. Read Achieving Effective Cloud Risk Management at: h0snu.hataselektrik.com/achieving-effective-cloud-risk-management Listen to more ISACA Podcasts at: h0snu.hataselektrik.com/podcasts

743 Views • 1 year ago

Video

Advancing Digital Trust Through Data Privacy

For more information, check out http://h0snu.hataselektrik.com/digital-trust

413 Views • 1 year ago

Video

Industry Spotlight - Dr. Blake Curtis Part II

Link to Part I: http://youtu.be/AE-FykwzviU Author, editor, speaker, and educator, Dr. Blake Curtis is joined by Red Cross’s Senior Internal Auditor Niki Gomes to talk about everything from growing up in a small town to completing his master’s degree in 10 weeks and publishing his 600-page dissertation in this ISACA Industry Spotlight episode. In a meaningful conversation, Blake discusses how surviving a near-death experience transformed and motivated him to expand his understanding of what it means to be a human. He was inspired to supercharge his learning, career journey, and personal growth. Making the decision to become intentional in every interaction and giving 100% of his effort in every initiative, he blazed his path to success. At the 2022 ISACA North America Conference, Blake presented his findings from his ground-breaking and internationally known dissertation, "The Next Generation Cybersecurity Auditor.” His research discovered a technical competency gap in Big Four IT Auditors and SMEs and debunked the 10,000-hour rule and "years of experience" fallacy. His study proved that task-based experience is more objective than time-based experience. Blake is also the author of "How to Complete Your Master's Degree in One Semester," which has assisted over 150 students to complete their master’s degrees in record-setting times. Along his journey, he has earned over 30 IT certifications and gained additional impressive certificates for engineering, advising, managing, and leadership. Blake has an abundance of experience to share with ISACA’s audience. Tune in now to be inspired, uplifted, and enlightened by his techniques, advice, and wisdom that can help boost your career! Below you can find materials and resources that Blake would like to share with our audience. Links: How to regulate a profession pg. 261 and 265 of Creating the Next Generation Cybersecurity Auditor: Examining the Relationship between It Auditors’ Competency, Audit Quality, & Data Breaches - ProQuest Debunking Years of Experience: http://www.linkedin.com/posts/reginaldblakecurtis_science-hiring-experience-activity-6951573321901621248-cygl?utm_source=linkedin_share&utm_medium=member_desktop_web Videos Equitable Hiring YouTube Series link: http://www.youtube.com/watch?v=IsnoCNIA2WU&list=PLfr4LANhCPrCXIc6V_h_k2dyKwPP7wJJa Tools Inoreader: Inoreader - Take back control of your newsfeed Anki Notecards (Spaced Repetition): About - AnkiWeb Notion Books Art of Conversation – Judy Apps Verbal Judo – George Thompson The Science of Self-Learning – Peter Hollins Finish What Your Start – Peter Hollins The Power of Discipline – Daniel Walter

357 Views • 1 year ago

Video

Industry Spotlight - Dr. Blake Curtis, Part I

Link to Part II: http://youtu.be/zlrGdTRP-OA Author, editor, speaker, and educator, Dr. Blake Curtis is joined by Red Cross’s Senior Internal Auditor Niki Gomes to talk about everything from growing up in a small town to completing his master’s degree in 10 weeks and publishing his 600-page dissertation in this ISACA Industry Spotlight episode. In a meaningful conversation, Blake discusses how surviving a near-death experience transformed and motivated him to expand his understanding of what it means to be a human. He was inspired to supercharge his learning, career journey, and personal growth. Making the decision to become intentional in every interaction and giving 100% of his effort in every initiative, he blazed his path to success. At the 2022 ISACA North America Conference, Blake presented his findings from his ground-breaking and internationally known dissertation, "The Next Generation Cybersecurity Auditor.” His research discovered a technical competency gap in Big Four IT Auditors and SMEs and debunked the 10,000-hour rule and "years of experience" fallacy. His study proved that task-based experience is more objective than time-based experience. Blake is also the author of "How to Complete Your Master's Degree in One Semester," which has assisted over 150 students to complete their master’s degrees in record-setting times. Along his journey, he has earned over 30 IT certifications and gained additional impressive certificates for engineering, advising, managing, and leadership. Blake has an abundance of experience to share with ISACA’s audience. Tune in now to be inspired, uplifted, and enlightened by his techniques, advice, and wisdom that can help boost your career! Below you can find materials and resources that Blake would like to share with our audience. Links: How to regulate a profession pg. 261 and 265 of Creating the Next Generation Cybersecurity Auditor: Examining the Relationship between It Auditors’ Competency, Audit Quality, & Data Breaches - ProQuest Debunking Years of Experience: http://www.linkedin.com/posts/reginaldblakecurtis_science-hiring-experience-activity-6951573321901621248-cygl?utm_source=linkedin_share&utm_medium=member_desktop_web Videos Equitable Hiring YouTube Series link: http://www.youtube.com/watch?v=IsnoCNIA2WU&list=PLfr4LANhCPrCXIc6V_h_k2dyKwPP7wJJa Tools Inoreader: Inoreader - Take back control of your newsfeed Anki Notecards (Spaced Repetition): About - AnkiWeb Notion Books Art of Conversation – Judy Apps Verbal Judo – George Thompson The Science of Self-Learning – Peter Hollins Finish What Your Start – Peter Hollins The Power of Discipline – Daniel Walter

866 Views • 1 year ago

Video

Industry Spotlight - Arnulfo Espinosa Dominguez, Part II

Link to Part I: http://youtu.be/yNQvbf9onik Vice President of the ISACA Monterrey Chapter and IT Audit & Fraud Director of one of the largest Financial Groups in México, Arnulfo Espinosa Dominguez, joins ISACA’s Jocelyn Alcantar to share some of the many things he has learned over his 20 years of professional experience in the industry. Having realized the value of information at an early age, Arnulfo has forged his path within the IT community. He is an accredited trainer for multiple certifications, an independent advisor and chairman for various Cybersecurity, Risk, and Audit committees, and is globally recognized by a nickname his peers have given him, "The AudiTHOR.” As a long-time ISACA volunteer and conference speaker, Arnulfo has been awarded on numerous occasions for his outstanding achievements. In 2019, he was given the ISACA “Outstanding Chapter Leader Award,” in 2020, he received the “John Kuyers Award for Best Speaker”, and he received the highest achievement, the “ISACA Hall of Fame Award” in 2021. Tune into this episode as Arnulfo offers his best tips and practices for becoming an exceptional keynote speaker, advice on how the up-and-coming professionals can get into the industry, and how his alter ego, AudiTHOR, fuels his passion for auditing! To read more about Arnulfo, visit h0snu.hataselektrik.com/resources/news-and-trends/isaca-now-blog/2020/iamisaca-from-rock-star-to-speak-star. To listen to more ISACA Podcasts, visit h0snu.hataselektrik.com/podcasts.

107 Views • 1 year ago

Video

Career Coach Advice: How to Launch Your IT Audit Career

Career coach Caitlin McGaw will share her top tips for young professionals and career changes on how to launch a successful career in IT audit--from acing your first interview and landing your first job to career resources to help your career continue to grow and thrive. To learn more, check out http://www.caitlinmcgaw.com/

518 Views • 1 year ago

Video

Industry Spotlight - Arnulfo Espinosa Dominguez, Part I

Link to Part II: http://youtu.be/plxD2frpYk0 Vice President of the ISACA Monterrey Chapter and IT Audit & Fraud Director of one of the largest Financial Groups in México, Arnulfo Espinosa Dominguez, joins ISACA’s Jocelyn Alcantar to share some of the many things he has learned over his 20 years of professional experience in the industry. Having realized the value of information at an early age, Arnulfo has forged his path within the IT community. He is an accredited trainer for multiple certifications, an independent advisor and chairman for various Cybersecurity, Risk, and Audit committees, and is globally recognized by a nickname his peers have given him, "The AudiTHOR.” As a long-time ISACA volunteer and conference speaker, Arnulfo has been awarded on numerous occasions for his outstanding achievements. In 2019, he was given the ISACA “Outstanding Chapter Leader Award,” in 2020, he received the “John Kuyers Award for Best Speaker”, and he received the highest achievement, the “ISACA Hall of Fame Award” in 2021. Tune into this episode as Arnulfo offers his best tips and practices for becoming an exceptional keynote speaker, advice on how the up-and-coming professionals can get into the industry, and how his alter ego, AudiTHOR, fuels his passion for auditing! To read more about Arnulfo, visit h0snu.hataselektrik.com/resources/news-and-trends/isaca-now-blog/2020/iamisaca-from-rock-star-to-speak-star. To listen to more ISACA Podcasts, visit h0snu.hataselektrik.com/podcasts.

270 Views • 1 year ago

Video

Current State of Cybersecurity in K12

ISACAs Director of Professional Practices and Innovation Jon Brand hosts Doug Levin, co-founder and National Director of K12 Security Information eXchange (K12 SIX), a national non-profit dedicated solely to helping schools protect themselves from emerging cybersecurity threats. Levin's work includes development and implementation of the nations initial and subsequent technology plans and well as creation of K-12 Cyber Incident Map, the most comprehensive database of publicly-disclosed K-12 cybersecurity incidents. Throughout this episode they discuss the often unique challenges for the underrepresented sector of U.S. critical infrastructure and current initiatives to bolster K-12 cybersecurity and privacy. For more information, check out http://www.k12six.org/ Be sure to like, comment and subscribe for more ISACA Productions content

386 Views • 1 year ago

Video

Industry Spotlight - Todd Fitzgerald

Cybersecurity leader, author, and host of the CISO Stories podcast, Todd Fitzgerald sits down with ISACA’s Chelsey Byrd to discuss his extensive career journey in security, his best-selling book, CISO COMPASS, and how a make-believe FBI club connects directly to his career passions today. As one of ISACA’s top-rated speakers, Todd gives tips and techniques for the best way to prepare for a speaking event, how to engage the audience, and some entertaining moments and behind-the-scenes accounts from conferences! Named the Chicago CISO of the Year and ranked Top 50 IS Executive in 2016 and 2017, Todd offers listeners his best career advice, ways to stay aware of current business trends, and much more. Listen now to this episode of ISACA’s Industry Spotlight. To listen to CISO Stories, visit http://securityweekly.com/category-shows/the-ciso-stories-podcast/ To listen to more ISACA Podcasts, visit h0snu.hataselektrik.com/podcasts

262 Views • 1 year ago

Video

Managing Security Across Disparate Database Technologies

We usually think about the most efficient way to do things while working in production environments. Still, often employees forget about an insecure environment once the work has been completed and they have moved on to another project. “We don’t always need to audit things; sometimes you can gauge risk by having a conversation with stakeholders…on how they manage databases,” says Adam Kohnke, Cybersecurity Architect for Charter Next Generation. Adam joins ISACA’s Jon Brandt in this episode to discuss his recently released ISACA Journal article, “Managing Security Across Disparate Database Technologies.” Adam breaks down best practices for User Access Management, Encryption, and Logging. He comments on the best ways to start the conversation about security beyond what management considers vital for IT. Tune in now for the full episode! To read the full article, visit h0snu.hataselektrik.com/managing-security-across-disparate-database-technologies. To listen to more ISACA podcasts, visit: h0snu.hataselektrik.com/podcasts

323 Views • 1 year ago

Video

Advancing Digital Trust Through Audit and Assurance

A strong audit and assurance function is critical to achieving digital trust in an organization. This conversation spotlights audit's role in digital trust and outlines key priorities. It also shares new ISACA resources for auditors. For more information, go to http://hataselektrik.com/digital-trust

405 Views • 1 year ago

Video

Implementing Emerging Technologies: Agile SDLC Still Works

AI is a part of our everyday life. What's The Risk LLC's Cindy Baxter gives ISACA's Kevin Keh examples of modern media like the movies Free Guy, Ron’s Gone Wrong and The Matrix, and how they relate to AI-related risk factors, and they ask the questions, what is true? what is the data we are looking at? AI is about data accuracy and reputational risk, and Cindy discusses how to manage frameworks, create meaningful check points and intended outcomes six months or 2 years later that are spot on for what an organization intended. Cindy strongly believes that you always get a better outcome with diversity, because people from diverse backgrounds and life experiences create different ways to learn and produce innovative ideas and avoid rework. To read Cindy's full article, visit: h0snu.hataselektrik.com/implementing-emerging-technologies To listen to more ISACA podcasts, visit: h0snu.hataselektrik.com/podcasts

203 Views • 1 year ago

Video

ISACA Live | Managing Supply Chain Risk with Richard Hollis

ISACA's risk expert Paul Phillips and Richard Hollis, CEO of Risk Factory and an ISACA Conference Europe speaker, examine top cyber risks impacting the supply chain, steps organizations need to take to manage supply chain risk, and important steps to take in the contract process. For more information, check out http://h0snu.hataselektrik.com/supply-chain-security Be sure to like, comment, and subscribe for more ISACA Productions content.

305 Views • 1 year ago

Video

Industry Spotlight - Pam Nigro

On this episode of Industry Spotlight, ISACA's outgoing Board Chair, Greg Touhill, introduces the 2022-23 Board Chair, Pam Nigro. They trade stories from their careers, Pam's thoughts on the future of ISACA, how Game of Thrones relates to Cybersecurity, and Greg shares his favorite moments from his tenure. To read Pam's welcome letter, go to: h0snu.hataselektrik.com/letter-from-the-incoming-board-chair To listen to more ISACA Podcasts, go to: h0snu.hataselektrik.com/podcasts

245 Views • 1 year ago

Video

The Impact of People on the Information Technology Landscape

In this episode, ISACA’s Jon Brandt chats with Thomas Lenzenhofer, Business Development Manager at Cisco, about his new ISACA article titled, “The Impact of People on Today’s Information Security Landscape.” With over 20 years of industry experience and named 2016–17 Chicago CISO of the Year, ranked Top 50 IS Executive, Thomas has a wealth of knowledge to share with ISACA listeners. Security of an organization is a serious matter and Thomas gives a vivid scenario from his recent ISACA Journal article about how an attack of a country's health care system could be massively disruptive to daily functions of staff computer systems, possibly causing employees to not receive payroll. Thomas also gives examples of how to properly train staff to avoid an event like this and says that from the top-down security is a business enabler. Tune in now! To read Thomas' ISACA article, visit: h0snu.hataselektrik.com/impact-of-people-on-information-security-landscape To listen to more ISACA podcasts, visit: h0snu.hataselektrik.com/podcasts

125 Views • 1 year ago

Video

GRC for Intelligent Ecosystems (GRCIE): An Innovative Approach to Workforce Enablement Part II

Executive Director for GRC for Intelligent Ecosystem (GRCIE) Jenai Marinkovic joins ISACA Director of Professional Practices and Innovation Jon Brandt to address key findings in ISACA's 2022 State of Cybersecurity report and talk about GRCIE program. In this two-part program, they delve into program creation, services offered, student selection and how ISACA research continues to shape their work. For more information about GRCIE, visit http://www.grcie.org/ Be sure to like, comment, and subscribe for more ISACA Productions content Direct Link to Part I: http://youtu.be/S4U1e9PMlmg

58 Views • 1 year ago

Video

GRC for Intelligent Ecosystems (GRCIE): An Innovative Approach to Workforce Enablement Part I

Executive Director for GRC for Intelligent Ecosystem (GRCIE) Jenai Marinkovic joins ISACA Director of Professional Practices and Innovation Jon Brandt to address key findings in ISACA's 2022 State of Cybersecurity report and talk about GRCIE program. In this two-part program, they delve into program creation, services offered, student selection and how ISACA research continues to shape their work. For more information about GRCIE, visit http://www.grcie.org/ Be sure to like, comment, and subscribe for more ISACA Productions content Direct Link to Part II: http://youtu.be/Bg7_Oh3Ifow

294 Views • 1 year ago

Video

Smarter Testing = Safer Digital Experiences

Application testing is a critical component of a software development lifecycle. A complete testing battery for any application includes not only functionality and usability testing but security and reliability testing as well. However, helping ensure that security testing in particular produces results that focus on actionable items – with accurate relative priorities – has been a persistent challenge. Are actionable items from testing actually going to move the needle in terms of product quality and resilience – especially in how they manage evolving threats? While the “OWASP Top 10” and “CWE/SANS Top 25” are still important, they represent merely a reasonable beginning to a security testing strategy. How do you go beyond those lists and become truly more “adversary-aware” in testing? In addition, how do you make sure that these testing efforts genuinely help your development teams “shift left” in their thinking and implementation of better security controls in your applications? These are challenges Adobe set out to solve by not just making our testing efforts more extensive or frequent – but smarter, and with as tight of alignment as possible to the software development lifecycle and even closer in modeling real-world adversary threats. We invite you to join Shannon Lietz, VP, Adobe Security, as she speaks with ISACA's IT Audit Professional Practices Principal, Robin Lyons for a discussion of these issues and others that we must address as an industry to make us genuinely more “DevSecOps”-minded in our approach to application security testing. Robin and Shannon will discuss Adobe’s overall strategy around our application testing efforts and how smarter testing is fundamental to achieving a true “shift left” approach around application security. They will also talk about how this effort is really going to help us deliver the safer digital experiences users are demanding. For more information go to http://trust.adobe.com Be sure to like, comment, and subscribe for more ISACA Productions content.

388 Views • 1 year ago

Video

Data Resilience

Ensuring That Your Organization Is Data Resilient Part I--Data is something we constantly interact with. What happens when an adverse event occurs, thus compromising your organization? Guy Pearce is the Chief Data Officer and Chief Digital Officer at Convergence Tech. Guy sits down with ISACA's Kevin Keh to dig into everything you'll want to know to keep your organization's data safe. Listen is as Guy defines data resilience, understanding what the 4 aspects of the data operating model are and how to utilize them, and the importance of data governance. Kevin and Guy will also cover the resilience attributes—availability, usability, robustness interoperability and performance—as well as the need for enterprise risk officers to assure they actually perform data risk assessments. Don't forget to check out http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2021/volume-3/data-resilience-is-data-risk-management for more information!

250 Views • 1 year ago

Video

Two Perspectives On Data Resilience: Data Operating Model And Data Capabilities

Ensuring That Your Organization Is Data Resilient Part II--Data is something we constantly interact with. What happens when an adverse event occurs, thus compromising your organization? Guy Pearce is the Chief Data Officer and Chief Digital Officer at Convergence Tech. Guy sits down with ISACA's Kevin Keh to dig into everything you'll want to know to keep your organization's data safe. Listen is as Guy defines data resilience, understanding what the 4 aspects of the data operating model are and how to utilize them, and the importance of data governance. Kevin and Guy will also cover the resilience attributes—availability, usability, robustness interoperability and performance—as well as the need for enterprise risk officers to assure they actually perform data risk assessments. Don't forget to check out http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2021/volume-3/data-resilience-is-data-risk-management for more information!

128 Views • 1 year ago

Video

Key Constructs Of A Resilient System

Ensuring That Your Organization Is Data Resilient Part III--Data is something we constantly interact with. What happens when an adverse event occurs, thus compromising your organization? Guy Pearce is the Chief Data Officer and Chief Digital Officer at Convergence Tech. Guy sits down with ISACA's Kevin Keh to dig into everything you'll want to know to keep your organization's data safe. Listen is as Guy defines data resilience, understanding what the 4 aspects of the data operating model are and how to utilize them, and the importance of data governance. Kevin and Guy will also cover the resilience attributes —availability, usability, robustness interoperability and performance— as well as the need for enterprise risk officers to assure they actually perform data risk assessments. Don't forget to check out http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2021/volume-3/data-resilience-is-data-risk-management for more information!

70 Views • 1 year ago

Video

Data Capability Failures

Ensuring That Your Organization Is Data Resilient Part IV--Data is something we constantly interact with. What happens when an adverse event occurs, thus compromising your organization? Guy Pearce is the Chief Data Officer and Chief Digital Officer at Convergence Tech. Guy sits down with ISACA's Kevin Keh to dig into everything you'll want to know to keep your organization's data safe. Listen is as Guy defines data resilience, understanding what the 4 aspects of the data operating model are and how to utilize them, and the importance of data governance. Kevin and Guy will also cover the resilience attributes—availability, usability, robustness interoperability and performance—as well as the need for enterprise risk officers to assure they actually perform data risk assessments. Don't forget to check out http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2021/volume-3/data-resilience-is-data-risk-management for more information!

34 Views • 1 year ago

Video

Attributes of Data Resilience

Ensuring That Your Organization Is Data Resilient Part V--Data is something we constantly interact with. What happens when an adverse event occurs, thus compromising your organization? Guy Pearce is the Chief Data Officer and Chief Digital Officer at Convergence Tech. Guy sits down with ISACA's Kevin Keh to dig into everything you'll want to know to keep your organization's data safe. Listen is as Guy defines data resilience, understanding what the 4 aspects of the data operating model are and how to utilize them, and the importance of data governance. Kevin and Guy will also cover the resilience attributes—availability, usability, robustness interoperability and performance—as well as the need for enterprise risk officers to assure they actually perform data risk assessments. Don't forget to check out http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2021/volume-3/data-resilience-is-data-risk-management for more information!

73 Views • 1 year ago

Video

Considering The Various Types Of Data Risks

Ensuring That Your Organization Is Data Resilient Part VII--Data is something we constantly interact with. What happens when an adverse event occurs, thus compromising your organization? Guy Pearce is the Chief Data Officer and Chief Digital Officer at Convergence Tech. Guy sits down with ISACA's Kevin Keh to dig into everything you'll want to know to keep your organization's data safe. Listen is as Guy defines data resilience, understanding what the 4 aspects of the data operating model are and how to utilize them, and the importance of data governance. Kevin and Guy will also cover the resilience attributes—availability, usability, robustness interoperability and performance—as well as the need for enterprise risk officers to assure they actually perform data risk assessments. Don't forget to check out http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2021/volume-3/data-resilience-is-data-risk-management for more information!

65 Views • 1 year ago

Video

Benefits Of Data Resilience

Ensuring That Your Organization Is Data Resilient Part VIII--Data is something we constantly interact with. What happens when an adverse event occurs, thus compromising your organization? Guy Pearce is the Chief Data Officer and Chief Digital Officer at Convergence Tech. Guy sits down with ISACA's Kevin Keh to dig into everything you'll want to know to keep your organization's data safe. Listen is as Guy defines data resilience, understanding what the 4 aspects of the data operating model are and how to utilize them, and the importance of data governance. Kevin and Guy will also cover the resilience attributes—availability, usability, robustness interoperability and performance—as well as the need for enterprise risk officers to assure they actually perform data risk assessments. Don't forget to check out http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2021/volume-3/data-resilience-is-data-risk-management for more information!

83 Views • 1 year ago

Video

Ensuring Your Organization Is Data Resilient

Ensuring That Your Organization Is Data Resilient Part VI--Data is something we constantly interact with. What happens when an adverse event occurs, thus compromising your organization? Guy Pearce is the Chief Data Officer and Chief Digital Officer at Convergence Tech. Guy sits down with ISACA's Kevin Keh to dig into everything you'll want to know to keep your organization's data safe. Listen is as Guy defines data resilience, understanding what the 4 aspects of the data operating model are and how to utilize them, and the importance of data governance. Kevin and Guy will also cover the resilience attributes—availability, usability, robustness interoperability and performance—as well as the need for enterprise risk officers to assure they actually perform data risk assessments. Don't forget to check out http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2021/volume-3/data-resilience-is-data-risk-management for more information!

51 Views • 1 year ago

Video

Data Risk Assessments And The Journey Of Data Resilience

Ensuring That Your Organization Is Data Resilient Part IX--Data is something we constantly interact with. What happens when an adverse event occurs, thus compromising your organization? Guy Pearce is the Chief Data Officer and Chief Digital Officer at Convergence Tech. Guy sits down with ISACA's Kevin Keh to dig into everything you'll want to know to keep your organization's data safe. Listen is as Guy defines data resilience, understanding what the 4 aspects of the data operating model are and how to utilize them, and the importance of data governance. Kevin and Guy will also cover the resilience attributes—availability, usability, robustness interoperability and performance—as well as the need for enterprise risk officers to assure they actually perform data risk assessments. Don't forget to check out http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2021/volume-3/data-resilience-is-data-risk-management for more information!

62 Views • 1 year ago

Video

Cyber Decisions Only Executives Can Make

One of ISACA’s most popular Journal columnists joins us to discuss his most recent release, “Cyber Decisions Only Executives Can Make.” Steven Ross chats with ISACA’s Safia Kazi about cyber recovery plans that organizations have in place and that only when an attack disrupts normal business operations do those organizations realize they should have prepared and planned for operation continuity without the system and data they rely on. As Executive Principal for Risk Master International and fifty plus years of industry experience, Steven shares his insights into cyber recovery plans, categorizing cyberattacks, paying ransom to cyber criminals, and offers his advice on what organizations should do if they find themselves in the middle of a critical cyber decision. To read the full ISACA Journal article, click here: http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2022/volume-4/cyber-decisions-only-executives-can-make Be sure to like, comment, and subscribe for more ISACA Productions content.

257 Views • 1 year ago

Video

Breaking Down the ESET T1 2022 Threat Report

ESET, a global leader in cybersecurity, has released its T1 2022 Threat Report, which summarizes the most notable trends that shaped the threat landscape from January to April 2022. Join ISACA’s Research Advisor, Brian Fletcher, as he breaks down the ESET T1 2022 Threat Report with Chief Security Evangelist for ESET, Tony Anscombe. For more information, check out ESET’s award-winning blog: WeLiveSecurity. Make sure to follow ESET Research on Twitter for the latest news from ESET Research. Be sure to like, comment, and subscribe for more ISACA Productions content.

270 Views • 1 year ago

Video

Real-World Data Resilience

Join ISACA's Lisa Villanueva as she talks with Guy Pearce about his recently released ISACA Journal article "Real-World Data Resilience". Guy has a deep knowledge of the movement of data and says "it’s about change and nothing is stable." Lisa asks Guy about AI model implications, Data Drift and cloud adoption. If you want to dive deeper, you can read the entire journal article and learn about data and resilience in its modern context at: http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2022/volume-3/real-world-data-resilience-demands-an-integrated-approach-to-ai-data-governance-and-the-cloud To listen to more ISACA podcasts, visit: h0snu.hataselektrik.com/podcasts Be sure to like, comment, and subscribe for more ISACA Productions content.

254 Views • 1 year ago

Video

Where Privacy Meets Security

Jo Stewart-Rattray, the Director of Technology & Security Assurance for BRM Advisory, believes privacy is a team sport. Every organization needs to be responsible for asking, “what data is being collected,” “where is the information held,” “what purpose is the information being collected for,” and “how is the information being protected.” Jo chats with ISACA's Safia Kazi about why it is essential that security and privacy teams collaborate when it comes to collecting data. She expands on why the central role of a CISO needs to be educating and communicating this team approach to organizations. Jo says that the issue of data privacy will only continue to grow as the digital economy grows and why privacy and security professionals play a critical role in ensuring that enterprises adhere to privacy laws and regulations that protect their customers’ personal data. To read Jo's full article, follow this link h0snu.hataselektrik.com/where-privacy-meets-security Be sure to like, comment, and subscribe for more ISACA Productions content.

528 Views • 1 year ago

Video

How To Build A Following Around Your Ideas

In this talk based on her book Stand Out: How to Find Your Breakthrough Idea and Build a Following Around It, Dorie Clark explains how to build a following around your ideas. Join Megan Moritz and Dorie Clark as they discuss advancing your business or your cause and inspiring others to listen and take action. Be sure to like, comment, and subscribe for more ISACA Productions content.

186 Views • 1 year ago

Video

Study Your Social Media Environment

How Do Organizations Control Their Use of Social Media Part IV - What are the main risks that most enterprises need to consider when it comes to social media? If you don’t know, you and your organization are in danger of serious reputational risk! Watch as ISACA’s IT Governance Job Practice Lead, Lisa Villanueva discusses the risks of social media with Robert Findlay, Global Head of IT Audit at Glanbia. Social media is one of the easiest platforms to hack and it isn’t just from external threat actors. Oftentimes, the hack is coming from inside the organization from current and recently released employees. And remember, it doesn’t matter who hacks into your social platform, it is your enterprise that gets the blame and negative press. Robert and Lisa also discuss the current state of security on social media platforms and how organizations can benefit by bringing in auditors to show how to control the management of social media and avoid these pitfalls. Don't forget to check out http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2021/volume-4/how-do-organizations-control-their-use-of-social-media-part-1 for more information!

32 Views • 1 year ago

Video

Privacy and Social Media

How Do Organizations Control Their Use of Social Media Part V - What are the main risks that most enterprises need to consider when it comes to social media? If you don’t know, you and your organization are in danger of serious reputational risk! Watch as ISACA’s IT Governance Job Practice Lead, Lisa Villanueva discusses the risks of social media with Robert Findlay, Global Head of IT Audit at Glanbia. Social media is one of the easiest platforms to hack and it isn’t just from external threat actors. Oftentimes, the hack is coming from inside the organization from current and recently released employees. And remember, it doesn’t matter who hacks into your social platform, it is your enterprise that gets the blame and negative press. Robert and Lisa also discuss the current state of security on social media platforms and how organizations can benefit by bringing in auditors to show how to control the management of social media and avoid these pitfalls. Don't forget to check out http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2021/volume-4/how-do-organizations-control-their-use-of-social-media-part-1 for more information!

93 Views • 1 year ago

Video

Cybersecurity Certification and Mitigating Risk

How Do Organizations Control Their Use of Social Media Part VII - What are the main risks that most enterprises need to consider when it comes to social media? If you don’t know, you and your organization are in danger of serious reputational risk! Watch as ISACA’s IT Governance Job Practice Lead, Lisa Villanueva discusses the risks of social media with Robert Findlay, Global Head of IT Audit at Glanbia. Social media is one of the easiest platforms to hack and it isn’t just from external threat actors. Oftentimes, the hack is coming from inside the organization from current and recently released employees. And remember, it doesn’t matter who hacks into your social platform, it is your enterprise that gets the blame and negative press. Robert and Lisa also discuss the current state of security on social media platforms and how organizations can benefit by bringing in auditors to show how to control the management of social media and avoid these pitfalls. Don't forget to check out http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2021/volume-4/how-do-organizations-control-their-use-of-social-media-part-1 for more information!

63 Views • 1 year ago

Video

Industry Spotlight: Jan Anisimowicz

Jan Anisimowicz is an experienced senior IT manager with over 23 years of experience in GRC, data analysis, broad business, and technical perspective in telco, banking, pharma, and insurance. As the COO and EVP at C&F, he is consistently solving business problems by leveraging his all-around experience in creating and developing IT products and IT service offerings for businesses. In this ISACA Industry Spotlight episode, Jan Anisimowicz chats with ISACA's Megan Moritz on what he believes the most pressing current business continuity issue is in this always-changing industry. With the recent pandemic, Jan also discusses his active participation in the digital transformation technology for vaccine manufacturers, the key component to the development and delivery of the vaccine. He also explains why he wants to travel to Mars, how some friends convinced him to run 9 marathons, and his dream to build a 14th-century-style restaurant with archival computers and gaming devices! To learn more about Jan, visit: linkedin.com/in/anisimowicz Be sure to like, comment, and subscribe for more ISACA Productions content.

233 Views • 1 year ago

Video

Climate Resiliency and Regulation

Climate resiliency and green innovations are of worldwide interest today, but what is the best way to use skills and expertise that will make a difference? Cindy Baxter from What's the Risk, LLC talks with Frank O'Brian, leader of the East Boston Climate Coalition to hear about the Coalition's approach, the challenges they've faced, and what they do to overcome obstacles. This discussion takes us into everyone's backyard to understand how IS audit and risk professionals can contribute to climate resiliency in an impactful way. Please join us to imagine the role you can play in environmental resiliency and justice! To read Cindy's full ISACA Journal article - follow this link - h0snu.hataselektrik.com/resilience-and-regulation Be sure to like, comment, and subscribe for more ISACA Productions content!

267 Views • 1 year ago

Video

Cybersecurity In A Covid-19 World: Insights On How Decisions Are Made

In the early days of the Covid-19 pandemic, all organizations pivoted to remote work. Now that we are years into working remotely, University of West Florida's Jerry Burch asks if the choices we made in 2020 are still the best ones. He explains to ISACA's Brian Fletcher what the concept of "satisficing" is and why we might want to explore other options before picking a solution for employees’ remote work. While we have all adjusted to the shift that came in March 2020, Jerry argues that it could happen again and now is the time to consider all options for your cybersecurity team. He also discusses Rational choice theory as it relates to cybersecurity and fighting cybercrime. Tune in now! To read Cybersecurity In A Covid-19 World: Insights On How Decisions Are Made, Please visit: h0snu.hataselektrik.com/cybersecurity-in-a-covid-world To listen to more ISACA Podcasts, please visit: hataselektrik.com/podcasts

140 Views • 1 year ago

Video

Industry Spotlight: Caitlin McGaw

Caitlin McGaw answered an ad in the newspaper in 1997 for a position with an Executive Search Firm and she was instantly hooked. She tells ISACA's Hollee Mangrum-Willis that for the past 25 years, she has been passionate about the idea of corporate match-making in the IT Audit space. Hollee asks Caitlin about process improvement within the ISACA community and the examples of candidates using transferable skills to pivot to different positions within the industry. Caitlin discusses the growth mindset and coachability of a candidate during the hiring process and how that translates to performance on the job. Caitlin also explains why she thinks more candidates should pursue careers in IT Audit. To learn more about Caitlin, visit: www.linkedin.com/in/caitlinmcgaw and www.caitlinmcgaw.com To listen to more ISACA podcasts, visit: hataselektrik.com/podcasts

189 Views • 1 year ago

Video

Industry Spotlight: Ed McCabe

One of Ed McCabe's first childhood memories was taking apart his grandparent's heirloom grandfather clock to find out why it wasn't working. His grandparents were not happy to find it in pieces, but he did get it working again and says that experience was the beginning of a life-long interest in IT, beginning his quest to always ask "why, how and what is technology supposed to do and what is it not, supposed to do?". ISACA's Angie Coleman talks to Ed about his career in the US Navy, private sector and founding his own company The Rubicon Advisory Group. Ed discusses how his organization has supported clients through the most challenging moments during the pandemic, how he learned to find balance for his life while sustaining his passion for education and technology, and what his advice is to ISACA members when preparing for a certification test. For more information on Ed, visit: www.therubiconadvisorygroup.com To listen to more ISACA Podcasts, visit: h0snu.hataselektrik.com/podcasts Be sure to like, comment, and subscribe for more ISACA Productions content!

486 Views • 1 year ago

Video

Cyber (Business) Recovery

"The thing that you plan for is not the thing that is going to happen" says Risk Masters' Executive Principal Steven Ross. Steven talks to ISACA's Safia Kazi about how to prepare for a cybersecurity Event and how to recover. Steven discusses the types of attacks to watch out for, Business Continuity Planning and how to recover from a cybersecurity event. Listen in as Steven shares some ways you can use your imagination to prepare for "the thing that is going to happen". To read Steven's full article, visit: http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2022/volume-3/cyber-business-recovery To listen to more ISACA Podcasts, visit: http://h0snu.hataselektrik.com/podcasts

581 Views • 1 year ago

Video

Industry Spotlight – Niki Gomes

Everyone starts somewhere and for Niki Gomes, it was at the front desk of a hotel where she worked her way up to hospitality management, before pivoting to accounting and finally to the American Red Cross, where she is currently Senior Internal Auditor. Niki tells ISACA's Melissa Swartz about her passion for people, technology and how the pandemic changed her work life to better connect with her family. Dive deep into this Industry Spotlight episode as Niki discusses why young Black and Latina women are under-represented in the industry and her plan to remedy that divide, mentoring and what her advice is for the next generation. Tune in now to hear all of Niki's inspiring story! For more information, check out out http://www.redcross.org/ Be sure to like, comment, and subscribe for more ISACA Production content.

208 Views • 1 year ago

Video

Managing Data Privacy Risks and Compliance with a Distributed Workforce

Data now includes, consumer's social media, news, view and even browser searches. From 2010-2020, the amount of data created, captured, and copied in the world increased from 1.2 trillion GB to 59 trillion GB and the amount created in the next 5 years is projected to double. With that massive amount of data being collected, there is a growing sense of distrust with consumers when it comes to privacy. RGP's Janis Parthun and Lynn Rohland join ISACA's Safia Kazi for a discussion about data privacy. Janis and Lynn discuss trends from their clients, challenges that AI is introducing and the effect that the pandemic has had on the industry. Visit ISACA.org/podcasts for more ISACA Podcasts! Be sure to like, comment, and subscribe for more ISACA content! To find out more about RGP, visit http://rgp.com/

561 Views • 1 year ago

Video

CMMC and CUI: Rocket Fuel

"Cybersecurity is only as good as an organization's weakest link" - Ali Pabrai Join ISACA's Senior Manager, CMMI Professional Practice, Kileen Harrison as she talks with ecfirst's Chief Executive Officer, Ali Pabrai about his recently released articles, “What Cyberprofessionals Should Know About CUI”, and “US DoD Launches Comprehensive CMMC 2.0 Cybersecurity Framework”. Ali explains the three levels of CCMC 2.0 and goes further in depth on CUI classification. By the end of this episode, you'll have all the CMMC and CUI "Rocket Fuel" that you need to understand this latest certification. To read Ali's full articles - http://h0snu.hataselektrik.com/resources/news-and-trends/newsletters/atisaca/2022/volume-8/what-cyberprofessionals-should-know-about-cui http://h0snu.hataselektrik.com/resources/news-and-trends/industry-news/2022/us-dod-launches-comprehensive-cmmc-2-cybersecurity-framework Be sure to like, comment, and subscribe for more ISACA content.

190 Views • 1 year ago

Video

A Security Awareness Program for PCI-DSS Compliance

People are considered the weakest link in any organization’s cybersecurity defenses. Hence, in most cases, the primary targets of cyber-attackers are the employees of the organization. In addition, people are easier to compromise and exploit unlike finding a single software to breach an organization or enterprise business. While a lot of efforts go into improving the existing security infrastructure, ignorance of human resources would leave a significant gap in the defense strategy. Join ISACA’s Research Advisor, Brian Fletcher, as he is joined by Dr. Yasmin Razack, author of “A Security Awareness Program for PCI DSS Compliance: Implementation and Legal and Ethical Issues to Be Considered”. In this episode, they will be addressing the challenges in implementing a security awareness program to fill this gap and the legal/ethical issues that needs to be considered during implementation. As per the Payment Card Industry – Data Security Standard (PCI-DSS) requirement 12.6, a Security Awareness Program is mandatory to be held at least once a year and for new hires. However, it is not an easy task and cannot be a one-time activity. But if implemented effectively, awareness programs can be the human firewall of the organization. It will make the organization compliant to regulations like PCI-DSS thereby protecting it from fines due to non-compliance, defamation, costs of data breaches and will help improve customer trust and loyalty. To read Dr. Razack’s full article click here - h0snu.hataselektrik.com/pci-dss-compliance Be sure to like, comment, and subscribe for more ISACA Production content!

738 Views • 1 year ago

Video

Industry Spotlight - Jo Stewart-Rattray

Making a difference within the cyber industry is of paramount importance to Jo Stewart-Rattray. She is incredibly passionate about encouraging, teaching, and mentoring more women into tech and security fields. In this episode of Industry Spotlight, Robyn Franko, Manager of Event Operations and Services at ISACA, chats with Jo about her background and career path, hobbies, and some interesting challenges the industry faces. Jo has over 25 years of experience in the IT field, some of which were spent as CIO in the Utilities and as Group CIO in the Tourism space, and with significant experience in the Information Security arena, including as CISO in the healthcare sector. She underpins her information technology and security background with her qualifications in education and management. She specializes in consulting in risk and technology issues with a particular emphasis on governance and security in both the commercial and operational areas of businesses. Jo provides strategic advice to organizations across a number of industry sectors, including banking and finance, utilities, manufacturing, tertiary education, retail, healthcare, and government. She has chaired several of ISACA’s international committees, including the Board Audit & Risk Committee, Leadership Development, and Professional Influence & Advocacy. She served as an Elected Director on ISACA’s International Board of Directors for seven years and was the founder of its global women’s leadership initiative, SheLeadsTech. Because of her involvement with ISACA and the SheLeadsTech program and her rural background Jo was selected from a large number of candidates to be one of only two non-government delegates and was invited to join the official Australian Government delegation to the 62nd Session of the United Nations Commission on the Status of Women (CSW62) held in New York in March 2018. She returned to the UN in 2019 and again spoke at two UN events this year. She has spoken on Capitol Hill during a Day of Advocacy designed to bring tech leaders together in one place to discuss issues related to women in technology and then to meet with congressional representatives and Senator’s offices. Be sure to like, comment, and subscribe for more ISACA Content. For more information check out - h0snu.hataselektrik.com/podcasts

299 Views • 1 year ago

Video

The Transformative Power of Mobility

It's hard to believe the quarter century mark has almost arrived! Have you thought about what you would like your work world to be in 2025? Have you dreamed of more flexibility or better access to information so you can get work done faster? ISACA’s IT Professional Practices Lead, Kevin Keh, sits down with Cindy Baxter, Director of What's the Risk, LLC to talk about her recently released article “The Transformative Power of Mobility”. Cindy spoke with three professionals from three different industries and asked them how the promise of mobility could change their work lives. Hear about the work her interviewees do and the aspirations they have for themselves and their professions. Can IS risk and audit professionals make their mobility dreams come true? Tune in to the conversation and see what you think! To Read Cindy’s full ISACA Journal Article click here - h0snu.hataselektrik.com/power-of-mobility Please like, comment, and subscribe to the ISACA Media channels to keep up to date with all of ISACA’s new content.

170 Views • 1 year ago

Video

Industry Spotlight with Raven David

"For me, it's all about working with people... at the end of the day, you want to work in a place where you can trust other individuals, you can get to know other individuals, and being personable with one another makes an organization great to work for," Raven David tells ISACA. In this Industry Spotlight episode, we meet Raven David, Cyber Risk and Governance Manager for The University of New South Wales (UNSW). Fascinated with technology at an early age, the native Australian recalls that he spent part of his childhood disassembling computers and putting them back together to understand better how they worked. This passion led him on a fantastic life journey and set him on a path to dominate the industry as a risk management, governance, compliance, assurance, and emerging technologies expert. Raven talks about his less traditional educational and career track. While working full-time, he managed a full-time class schedule simultaneously, to a career that allowed him to establish and manage a cyber risk and compliance team within a corporation of 5,000+ employees. Listen as Raven recaps the success of his cybersecurity awareness program, gives thoughtful advice to the next generation of young professionals, and discusses his current self-educating project, 3D printed chess set with Arduino-powered actuators and a Python chess engine. As an active contributor to ISACA and the ISACA Sydney Chapter, Raven recently volunteered, mentored, and led the 2021 Oceania Conference Taskforce and is currently a CRISC Certification Working Group. In this ISACA Industry Spotlight episode, get to know the next-gen cybersecurity leader, Raven David. Connect with Raven David on LinkedIn: http://www.linkedin.com/in/ravendavid/ Press play now, and don’t forget to subscribe!

254 Views • 1 year ago

Video

Privacy for Sale

Is Privacy a commodity? This episode explores the future direction of privacy and the demise of privacy in the digital age. Could privacy become something that people cannot afford, creating a two-tier system of internet users — those who can afford privacy and those who cannot? Join Safia Kazi, ISACA's Privacy Professional Practice Advisor, as she speaks with Steven Ross, Executive Principal of Risk Masters International, about his recently released ISACA article "Privacy for Sale.” Listen in as they chat about what privacy could be worth, and if this is a decision we must make soon? To read Steve’s full ISACA Journal article, please check out h0snu.hataselektrik.com/privacy-for-sale We would love to hear from you, please leave your comments below. If you enjoyed this episode, please click the like and subscribe buttons for more from ISACA!

330 Views • 1 year ago

Video

Ensuring that Cybersecurity is Everyone’s Job

Join ISACA’s Performance Based Training Engineer, Collin Beder as he speaks with Tom Schneider, Senior Associate of Proactive Advisory for Cyber Defense Labs as they discuss Tom’s recently released article “Ensuring that Cybersecurity is Everyone’s Job”. Employees expect to focus on the responsibilities that are communicated to them, for example in their job descriptions. If cybersecurity and privacy responsibilities are not documented in job descriptions, then it is likely that staff will assume that cybersecurity is not a primary responsibility for them because management did not consider it significant enough to include. Collin and Tom will delve into these topics and why keeping cybersecurity on everyone’s mind will be better in the long run. To read Tom’s full article, please check out http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2022/volume-2/ensuring-that-cybersecurity-is-everyones-job We would love to hear from you, please leave your comments below. If you enjoyed this episode, please click the like and subscribe buttons for more from ISACA!

349 Views • 1 year ago

Video

CyberPros - Zero Trust: How to Beat Adversaries at Their Own Game featuring Dr. Zero Trust

ISACA’s Jon Brandt welcomes Dr. Chase Cunningham aka Dr. Zero Trust to the ISACA CyberPros podcast. You may know Chase from his own podcast, Dr. Zero Trust, or book series, Cynja. Chase dives deep into Zero Trust and Jon gets Chase's opinions on how legislation relates to ZT, and thoughts on attack trends, including how to outsmart bad actors. Listen now and don’t forget to subscribe and write in the comments! For more information check out http://h0snu.hataselektrik.com/credentialing/cybersecurity Interested in hearing more from DrZeroTrust - check out his podcast at: http://anchor.fm/chase-cunningham8

534 Views • 1 year ago

Video

Rising Stakes for Protecting Critical Infrastructure Teaser

Watch the full video at http://www.youtube.com/watch?v=ov7f9EL8w50

122 Views • 1 year ago

Video

Rising Stakes for Protecting Critical Infrastructure Teaser

Critical infrastructure expert and renowned cyberthreat investigator Alex Holden discusses the latest on critical infrastructure security as global tensions rise amid Russian attacks in Ukraine. For more information check out http://h0snu.hataselektrik.com/resources/news-and-trends/isaca-now-blog/2022/tensions-shine-spotlight-on-protecting-critical-infrastructure

195 Views • 1 year ago

Video

Breaking Down the ESET T3 2021 Threat Report

Tune in as ISACA’s Kevin Keh talks with the Chief Security Evangelist of ESET, Tony Anscombe about the latest released report from ESET. ESET, a global leader in cybersecurity, has released its T3 2021 Threat Report, which summarizes the most notable trends that shaped the threat landscape from September to December 2021. For more information, check out ESET’s award-winning blog: WeLiveSecurity. Make sure to follow ESET Research on Twitter for the latest news from ESET Research. To read the full Report, please check out http://www.welivesecurity.com/2022/02/09/eset-threat-report-t32021/ We would love to hear from you, please leave your comments below. If you enjoyed this episode, please click the like and subscribe buttons for more from ISACA!

68 Views • 1 year ago

Video

Building Digital Trust in a FinTech Start Up

Today's Page to Podcast features ISACA's Kevin Keh and Donald Tse, the Head of Cyber & Technology Risk at Mox Bank and author of "Cybersecurity and the Technology Risk in Virtual Banking", as they dive into the virtual banking scene in fintech. This will compare the differences between a digital-only virtual bank and a brick-and-mortar traditional bank and therefore the underlying challenges and risks they face. As a founding member of Mox Bank, Donald will also share his experience in building digital trust with customers and regulators in this whole new cloud-native bank. To read Donald's full article, please check out http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2022/volume-1/cybersecurity-and-technology-risk-in-virtual-banking We would love to hear from you, please leave your comments below. If you enjoyed this episode, please click the like and subscribe buttons for more from ISACA!

303 Views • 1 year ago

Video

Lessons Learned from a Year of Remote Work

Working from alternate work sites using unsecure networks may be here to stay, but there is much to learn from 2020 that can help improve cybersecurity capabilities for remote staff. Listen in with ISACA's Deputy Director of One in Tech, Hollee Mangrum-Willis as she talks with Tom Conkle, CEO of Optic Cyber Solutions, and Kelly Hood, EVP of Optic Cyber Solutions. They will discuss various technical solutions such as using VPNs, enabling MFA, encrypting mobile devices and laptops, and leveraging services such as a CASB, and how, ultimately, training and awareness are the most effective at protecting organizational data. To read the full article, be sure to check out http://h0snu.hataselektrik.com/resources/news-and-trends/industry-news/2021/lessons-learned-from-a-year-of-remote-work. We would love to hear from you, please leave your comments below. If you enjoyed this episode, please click the like and subscribe buttons for more from ISACA!

365 Views • 1 year ago

Video

Unpacking Pakistan's Cybersecurity Policy 2021

Listen in as ISACA’s Director of Professional Practices & Innovation, Jon Brandt, is joined by Muneeb Imran Shaikh, author of "Pakistan’s Cybersecurity Policy in 2021: A Review". They will dig deeper into the report and discuss the policy changes that Pakistan and other Central Asian countries will see moving forward. To read the full report, be sure to check out http://h0snu.hataselektrik.com/resources/news-and-trends/newsletters/atisaca/2021/volume-39/pakistan-cybersecurity-policy-in-2021-a-review. We would love to hear from you, please leave your comments below. If you enjoyed this episode, please click the like and subscribe buttons for more from ISACA!

337 Views • 1 year ago

Video

Using XDR and Zero Trust to Combat Ransomware

Both XDR and Zero Trust are useful security concepts, but they are sadly overhyped. Listen in as ISACA's Research Advisor, Brian Fletcher and Trend Micro's Bill Malik look into the realities behind ZDR and Zero Trust, how ransomware works, and how the both XDR and Zero Trust can help organizations minimize their vulnerabilities Interested in reading Bill's full ISACA Blog? Click the link and download a copy today! http://h0snu.hataselektrik.com/resources/news-and-trends/industry-news/2021/using-zero-trust-and-xdr-to-stop-ransomware We would love to hear from you, please leave your comments below. If you enjoyed this episode, please click the like and subscribe buttons for more from ISACA!

306 Views • 1 year ago

Video

What is Environment, Social, and Governance (ESG)?

Mark Thomas (Founder, Escoute) and Caren Shiozaki (EVP & CIO, TMST, Inc.) join ISACA's Lisa Villanueva for a conversation about Environment, Social, Governance or ESG. Mark and Caren dive deep into why your organization will want to know about ESG. Mark & Caren agree “the ESG Train” has already left the station. Organizations need to jump on board now! Click play now to learn about ESG! For more information, don't forget to check out http://h0snu.hataselektrik.com/resources/insights-and-expertise/white-papers#sort=relevancy&layout=card and http://youtube.com/playlist?list=PLHaB3gI5mcQa0zjjXSyC3ZBlKmsct9H4g

213 Views • 1 year ago

Video

The Impact of SOX on the Industry 20 Years Ago and Today with Cindy Baxter

The Sarbanes-Oxley (SOX) Act was passed by the United States Congress in 2002. 20 years later, ISACA's IT Audit Professional Practice Lead, Robin Lyons chats with Cindy Baxter, Director at What’s the Risk, LLC on all things SOX. Cindy goes in-depth on the scandals that caused SOX to be enacted, legislation's effect on corporate behavior, how SOX has affected the audit profession, and what trends she sees in the regulatory landscape in 2022 and beyond! Interested in reading Cindy’s full ISACA Journal article? Click the link and download a copy today! http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2022/volume-1/the-impact-of-sox-on-the-industry-20-years-ago-and-today We would love to hear from you, please leave your comments below. If you enjoyed this episode, please click the like and subscribe buttons for more from ISACA!

453 Views • 1 year ago

Video

Privacy in the Dark (Data)

Listen in as Safia Kazi, ISACA's Privacy Professional Practice Advisor, as she speaks with Steve Ross, Executive Principal of Risk Masters International, about his article "Privacy in the Dark (Data)". Organizations have a lot of “dark data”; information that they have collected, filed and forgotten. Some of it concerns people, so there is a privacy concern about how that data is secured. Both enterprising cyberattackers and litigants using eDiscovery tools have incentive to search through this dark data to see what they might make use of. The potential for misuse calls for greater attention to the security of this data. For more information, don't forget to check out http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2022/volume-1/privacy-in-the-dark-data

193 Views • 1 year ago

Video

CyberPros - 2022 Industry News Wrap

ISACA's CyberPro Jon Brant breaks down industry news stories so far in the new year: Log4j, Cyber Insurance, Augmented Reality/Virtual Reality, Metaverse, Deep Fakes, and even the legal discussion around vehicle car data. Tune in now to hear Jon's hot takes on all this and more. Happy listening! For more information, don't forget to check out http://h0snu.hataselektrik.com/resources/news-and-trends/isaca-podcast-library.

124 Views • 1 year ago

Video

ISACA Cyber Pro Chats with Naomi Buckwalter

ISACA’s Cyber Pro, Jon Brandt, invites information security guru, Naomi Buckwalter, Director of Information Security and IT to the podcast to discuss hot and heavy topics within Cybersecurity and the IT industry. Listen in as they hash out the current and future trends. For More Information, Check Out http://h0snu.hataselektrik.com/training-and-events/cybersecurity

275 Views • 1 year ago

Video

What Will it Take to Reach DevSecOps Maturity?

While our development teams have been busy running full speed ahead using the latest and greatest technology to build amazing products, security teams haven’t always been known to keep the same pace – and we have reached a point of “developer revolt.” Security teams are still too often viewed as producers of “design constraints” by development teams versus “reliable partners” in helping them build better software. The path to changing this is getting security more tightly integrated into the DevOps pipeline – and working to make security even more of everyone’s responsibility. In this podcast Shannon Lietz, Adobe’s VP of Vulnerability Labs, will discuss some of the opportunities for security teams to become trusted partners, providing a roadmap for how DevSecOps needs to evolve to reach necessary maturity, and discuss some of the efforts that can help the broader security industry get better at this essential security muscle. For more information, check out http://h0snu.hataselektrik.com/

80 Views • 1 year ago

Video

The Log4Shell Vulnerability: Steps to Take Now and Good Practices for the Future

ISACA's Chris Dimitriadis and Scott Reynolds discuss the latest information regarding the Log4Shell vulnerability, including what organizations need to do in both the immediate and longer term. For more information on the Log4Shell Vulnerability, visit: http://h0snu.hataselektrik.com/resources/news-and-trends/isaca-now-blog/2021/log4shell-vulnerability-highlights-critical-need-for-improved-detection-and-response

560 Views • 1 year ago

Video

Security Operations Challenges in 2021

ISACA’s Director, Channel Business Development, Chris DeMale is joined by ServiceNow’s Director of Product Marketing, Karl Klaessig in this follow up interview that takes a deeper look into his presentation during ISACA’s Virtual Summit session, Security Operations Challenges in 2021. The presentation discussed how opportunistic and tenacious cybercriminals can be. Klaessig takes explores how dissecting attackers' behavior and automating responses can better defend your attack surface. Don't forget to check out http://h0snu.hataselektrik.com/training-and-events/online-training/virtual-summits for more information!

193 Views • 1 year ago

Video

Information Security Programs Need to be Ubiquitous, Proactive, and Vigilant

This ISACA TV interview is a discussion about information security concerns (and challenges), evolution, and the future. Topics covered include mobile computing devices, the Internet of Things (IoT), artificial intelligence (AI), cyber threat intelligence (CTI), software tools, and malware. Threats, risk, safeguards, and countermeasures will be reviewed along with some new ideas and approaches. Tune in as ISACA’s Information Security Professional Practices Lead, Jon Brandt chat with Larry Wlosinski, Senior Consultant at Coalfire Federal about his recently release article, Cyberthreat intelligence as a Proactive Extension to Incident Response. Don't forget to check out http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2021/volume-6/cyberthreat-intelligence-as-a-proactive-extension-to-incident-response for more information!

171 Views • 1 year ago

Video

How Innovative Enterprises Win With Secure Machine Learning

Enterprises use machine learning to validate who they are doing business with and to find new opportunities. ISACA's IT Professional Practices Lead Kevin Keh discusses secure machine learning with Protegrity's Chief Security Strategist Ulf Mattsson. Ulf explains Trusted Execution Environment (TEE), synthetic data, and encryption keys. All these technologies can be sometimes misunderstood, but they are changing the digital landscape, so listen in now! Don't forget to check out http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2021/volume-6/how-innovative-enterprises-win-with-secure-machine-learning for more information!

199 Views • 1 year ago

Video

HCL State of Cybersecurity 2021

Jon Brandt (Information Security Professional Practices Lead at ISACA) and Renju Varghese (Fellow and Chief Architect at HCL Technologies) break down the State Of Cybersecurity 2021 —Part II report. Threat actors did not take advantage of clients more during the pandemic, but there have been higher instances of attacks or attempts of attacks during the past 18 months. This has brought attention to organization’s boards and executives to show Cybersecurity in a more serious light than it was pre-pandemic. Tune in now to hear what Renju says you can expect in 2022! Don't forget to check out http://h0snu.hataselektrik.com/why-isaca/about-us/newsroom/press-releases/2021/new-isaca-study-finds-cybersecurity-workforce-minimally-impacted-by-pandemic-but-still-grappling for more information!

459 Views • 1 year ago

Video

ISACA’s New CyberPro – Jon Brandt

Listen in as ISACA’s Information Security Professional Practices Lead, Jon Brandt grabs the podcast microphone and takes over November’s Cyber Pros to discuss CISA’s Directive Breakdown. Don't forget to check out http://h0snu.hataselektrik.com/resources/news-and-trends/isaca-podcast-library for more information!

121 Views • 1 year ago

Video

The Cybersecurity Workforce

Join ISACA’s Director of Communications, Kristen Kessinger as she interviews ISACA’s Information Security Professional Practices Lead, Jon Brandt about what is currently happening in the cybersecurity workforce. Listen in as Jon explains how the demand for cybersecurity resources is large, but the workforce pipeline is not keeping pace and how that makes hiring difficult for organizations. Jon and Kristen also discuss the “Great Resignation”, how the pandemic has helped make job hunters more selective, and if the NIST/NICE frameworks are still valued. Take a listen and enjoy! Don't forget to check out http://h0snu.hataselektrik.com/resources/infographics/state-of-cybersecurity-2021-infographic for more information!

362 Views • 1 year ago

Video

Emerging Technology - Blockchain

In our third LinkedIn Live session on Emerging Technology, Director of Emerging Technology and Innovation at ISACA, Dustin Brewer, and Principal Consultant at Strategic Global Consulting LLC, Ronke Oyemade, discuss the topic of blockchain, its common uses, security concerns related to the technology, and what the future holds for blockchain as it continues to develop. Discover the highlights here! Don't forget to check out http://store.hataselektrik.com/s/store#/store/browse/detail/a2S4w000004Ko8bEAC for more information

498 Views • 1 year ago

Video

Social Media Hacking Risk

How Do Organizations Control Their Use of Social Media Part III - What are the main risks that most enterprises need to consider when it comes to social media? If you don’t know, you and your organization are in danger of serious reputational risk! Watch as ISACA’s IT Governance Job Practice Lead, Lisa Villanueva discusses the risks of social media with Robert Findlay, Global Head of IT Audit at Glanbia. Social media is one of the easiest platforms to hack and it isn’t just from external threat actors. Oftentimes, the hack is coming from inside the organization from current and recently released employees. And remember, it doesn’t matter who hacks into your social platform, it is your enterprise that gets the blame and negative press. Robert and Lisa also discuss the current state of security on social media platforms and how organizations can benefit by bringing in auditors to show how to control the management of social media and avoid these pitfalls. Don't forget to check out http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2021/volume-4/how-do-organizations-control-their-use-of-social-media-part-1 for more information!

132 Views • 1 year ago

Video

Dangers of Social Media

How Do Organizations Control Their Use of Social Media Part II - What are the main risks that most enterprises need to consider when it comes to social media? If you don’t know, you and your organization are in danger of serious reputational risk! Watch as ISACA’s IT Governance Job Practice Lead, Lisa Villanueva discusses the risks of social media with Robert Findlay, Global Head of IT Audit at Glanbia. Social media is one of the easiest platforms to hack and it isn’t just from external threat actors. Oftentimes, the hack is coming from inside the organization from current and recently released employees. And remember, it doesn’t matter who hacks into your social platform, it is your enterprise that gets the blame and negative press. Robert and Lisa also discuss the current state of security on social media platforms and how organizations can benefit by bringing in auditors to show how to control the management of social media and avoid these pitfalls. Don't forget to check out http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2021/volume-4/how-do-organizations-control-their-use-of-social-media-part-1 for more information!

130 Views • 1 year ago

Video

How Do Organizations Control Their Use of Social Media

How Do Organizations Control Their Use of Social Media Part I - What are the main risks that most enterprises need to consider when it comes to social media? If you don’t know, you and your organization are in danger of serious reputational risk! Watch as ISACA’s IT Governance Job Practice Lead, Lisa Villanueva discusses the risks of social media with Robert Findlay, Global Head of IT Audit at Glanbia. Social media is one of the easiest platforms to hack and it isn’t just from external threat actors. Oftentimes, the hack is coming from inside the organization from current and recently released employees. And remember, it doesn’t matter who hacks into your social platform, it is your enterprise that gets the blame and negative press. Robert and Lisa also discuss the current state of security on social media platforms and how organizations can benefit by bringing in auditors to show how to control the management of social media and avoid these pitfalls. Don't forget to check out http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2021/volume-4/how-do-organizations-control-their-use-of-social-media-part-1 for more information!

75 Views • 1 year ago

Video

Fake Business Vs Your Reputation

How Do Organizations Control Their Use of Social Media Part VIII - What are the main risks that most enterprises need to consider when it comes to social media? If you don’t know, you and your organization are in danger of serious reputational risk! Watch as ISACA’s IT Governance Job Practice Lead, Lisa Villanueva discusses the risks of social media with Robert Findlay, Global Head of IT Audit at Glanbia. Social media is one of the easiest platforms to hack and it isn’t just from external threat actors. Oftentimes, the hack is coming from inside the organization from current and recently released employees. And remember, it doesn’t matter who hacks into your social platform, it is your enterprise that gets the blame and negative press. Robert and Lisa also discuss the current state of security on social media platforms and how organizations can benefit by bringing in auditors to show how to control the management of social media and avoid these pitfalls. Don't forget to check out http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2021/volume-4/how-do-organizations-control-their-use-of-social-media-part-1 for more information!

36 Views • 1 year ago

Video

Auditing Risk Benefit Analysis

How Do Organizations Control Their Use of Social Media Part VI - What are the main risks that most enterprises need to consider when it comes to social media? If you don’t know, you and your organization are in danger of serious reputational risk! Watch as ISACA’s IT Governance Job Practice Lead, Lisa Villanueva discusses the risks of social media with Robert Findlay, Global Head of IT Audit at Glanbia. Social media is one of the easiest platforms to hack and it isn’t just from external threat actors. Oftentimes, the hack is coming from inside the organization from current and recently released employees. And remember, it doesn’t matter who hacks into your social platform, it is your enterprise that gets the blame and negative press. Robert and Lisa also discuss the current state of security on social media platforms and how organizations can benefit by bringing in auditors to show how to control the management of social media and avoid these pitfalls. Don't forget to check out http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2021/volume-4/how-do-organizations-control-their-use-of-social-media-part-1 for more information!

68 Views • 1 year ago

Video

Can You Manage Risk Without Measuring?

Cyber Risk and Communicating to a Board of Directors Part VII--Digital transformation has heightened due to the pandemic. We went from, “we can’t work from home” to “we can only work from home moving forward”. Because of this change, our cyber risk increases and organizations need to take new action when it comes to risk. Join ISACA’s Risk IT Risk Professional Practices Lead, Paul Philips as he talks with Dr. Jack Freund—Head of Cyber Risk Methodology at VisibleRisk —about how to effectively communicate Cyber Risk to a Board of Directors. Organizations need to understand the financial ramifications of all aspects of cyber risk. Along with risk quantification, organizations need to work with and inform the BOD about the risk appetite for certain projects, how much risk tolerance the organization can afford to deal with and more. Don't forget to check out http://store.hataselektrik.com/s/store#/store/browse/detail/a2S4w000004KoEHEA0 for more information!

99 Views • 1 year ago

Video

Risk Appetite & Tolerance

Cyber Risk and Communicating to a Board of Directors Part VI--Digital transformation has heightened due to the pandemic. We went from, “we can’t work from home” to “we can only work from home moving forward”. Because of this change, our cyber risk increases and organizations need to take new action when it comes to risk. Join ISACA’s Risk IT Risk Professional Practices Lead, Paul Philips as he talks with Dr. Jack Freund—Head of Cyber Risk Methodology at VisibleRisk —about how to effectively communicate Cyber Risk to a Board of Directors. Organizations need to understand the financial ramifications of all aspects of cyber risk. Along with risk quantification, organizations need to work with and inform the BOD about the risk appetite for certain projects, how much risk tolerance the organization can afford to deal with and more. Don't forget to check out http://store.hataselektrik.com/s/store#/store/browse/detail/a2S4w000004KoEHEA0 for more information!

445 Views • 1 year ago

Video

Law and Regulations

Cyber Risk and Communicating to a Board of Directors Part V--Digital transformation has heightened due to the pandemic. We went from, “we can’t work from home” to “we can only work from home moving forward”. Because of this change, our cyber risk increases and organizations need to take new action when it comes to risk. Join ISACA’s Risk IT Risk Professional Practices Lead, Paul Philips as he talks with Dr. Jack Freund—Head of Cyber Risk Methodology at VisibleRisk —about how to effectively communicate Cyber Risk to a Board of Directors. Organizations need to understand the financial ramifications of all aspects of cyber risk. Along with risk quantification, organizations need to work with and inform the BOD about the risk appetite for certain projects, how much risk tolerance the organization can afford to deal with and more. Don't forget to check out http://store.hataselektrik.com/s/store#/store/browse/detail/a2S4w000004KoEHEA0 for more information!

45 Views • 1 year ago

Video

Risk Quantification

Cyber Risk and Communicating to a Board of Directors Part IV--Digital transformation has heightened due to the pandemic. We went from, “we can’t work from home” to “we can only work from home moving forward”. Because of this change, our cyber risk increases and organizations need to take new action when it comes to risk. Join ISACA’s Risk IT Risk Professional Practices Lead, Paul Philips as he talks with Dr. Jack Freund—Head of Cyber Risk Methodology at VisibleRisk —about how to effectively communicate Cyber Risk to a Board of Directors. Organizations need to understand the financial ramifications of all aspects of cyber risk. Along with risk quantification, organizations need to work with and inform the BOD about the risk appetite for certain projects, how much risk tolerance the organization can afford to deal with and more. Don't forget to check out http://store.hataselektrik.com/s/store#/store/browse/detail/a2S4w000004KoEHEA0 for more information!

166 Views • 1 year ago

Video

Board Structure And Communication

Cyber Risk and Communicating to a Board of Directors Part III--Digital transformation has heightened due to the pandemic. We went from, “we can’t work from home” to “we can only work from home moving forward”. Because of this change, our cyber risk increases and organizations need to take new action when it comes to risk. Join ISACA’s Risk IT Risk Professional Practices Lead, Paul Philips as he talks with Dr. Jack Freund—Head of Cyber Risk Methodology at VisibleRisk —about how to effectively communicate Cyber Risk to a Board of Directors. Organizations need to understand the financial ramifications of all aspects of cyber risk. Along with risk quantification, organizations need to work with and inform the BOD about the risk appetite for certain projects, how much risk tolerance the organization can afford to deal with and more. Don't forget to check out http://store.hataselektrik.com/s/store#/store/browse/detail/a2S4w000004KoEHEA0 for more information!

84 Views • 1 year ago

Video

Cyber Risk As A Strategic Risk

Cyber Risk and Communicating to a Board of Directors Part II--Digital transformation has heightened due to the pandemic. We went from, “we can’t work from home” to “we can only work from home moving forward”. Because of this change, our cyber risk increases and organizations need to take new action when it comes to risk. Join ISACA’s Risk IT Risk Professional Practices Lead, Paul Philips as he talks with Dr. Jack Freund—Head of Cyber Risk Methodology at VisibleRisk —about how to effectively communicate Cyber Risk to a Board of Directors. Organizations need to understand the financial ramifications of all aspects of cyber risk. Along with risk quantification, organizations need to work with and inform the BOD about the risk appetite for certain projects, how much risk tolerance the organization can afford to deal with and more. Don't forget to check out http://store.hataselektrik.com/s/store#/store/browse/detail/a2S4w000004KoEHEA0 for more information!

116 Views • 1 year ago

Video

Communicating Cyber Risk To Boards

Cyber Risk and Communicating to a Board of Directors Part I--Digital transformation has heightened due to the pandemic. We went from, “we can’t work from home” to “we can only work from home moving forward”. Because of this change, our cyber risk increases and organizations need to take new action when it comes to risk. Join ISACA’s Risk IT Risk Professional Practices Lead, Paul Philips as he talks with Dr. Jack Freund—Head of Cybe rRisk Methodology at VisibleRisk —about how to effectively communicate Cyber Risk to a Board of Directors. Organizations need to understand the financial ramifications of all aspects of cyber risk. Along with risk quantification, organizations need to work with and inform the BOD about the risk appetite for certain projects, how much risk tolerance the organization can afford to deal with and more. Don't forget to check out http://store.hataselektrik.com/s/store#/store/browse/detail/a2S4w000004KoEHEA0 for more information!

222 Views • 1 year ago

Video

Gaining Executive Leadership Support for Security Changes

APTs Require Enhanced Cyberdefense Part VIII-- Advanced persistent threats (APTs) are introduced by adversaries that possess sophisticated levels of expertise and significant resources, which allow them to achieve their objectives by using multiple attack vectors (e.g., cyberattacks, physical attacks, deception). We must re-imagine cyberdefense. The threats are global, the impact is local—and every organization, regardless of industry, should examine strategic options to mitigate this risk to business. The old mantra “trust, but verify” has given way to the idea of a zero trust security model, which assumes the adversary is already inside the organization’s defenses. It is worthwhile to examine some options to reduce risk from APTs. With every business now a digital business, we must re-think, we must re-imagine cyber defense.” Don't forget to check out http://h0snu.hataselektrik.com/resources/news-and-trends/industry-news/2021/apts-require-enhanced-cyberdefense for more information!

126 Views • 1 year ago

Video

Background On The CMMC Model

APTs Require Enhanced Cyberdefense Part VII--Advanced persistent threats (APTs) are introduced by adversaries that possess sophisticated levels of expertise and significant resources, which allow them to achieve their objectives by using multiple attack vectors (e.g., cyberattacks, physical attacks, deception). We must re-imagine cyberdefense. The threats are global, the impact is local—and every organization, regardless of industry, should examine strategic options to mitigate this risk to business. The old mantra “trust, but verify” has given way to the idea of a zero trust security model, which assumes the adversary is already inside the organization’s defenses. It is worthwhile to examine some options to reduce risk from APTs. With every business now a digital business, we must re-think, we must re-imagine cyber defense.” Don't forget to check out http://h0snu.hataselektrik.com/resources/news-and-trends/industry-news/2021/apts-require-enhanced-cyberdefense for more information!

64 Views • 1 year ago

Video

Setting Up An SOC For Success

APTs Require Enhanced Cyberdefense Part VI--Advanced persistent threats (APTs) are introduced by adversaries that possess sophisticated levels of expertise and significant resources, which allow them to achieve their objectives by using multiple attack vectors (e.g., cyberattacks, physical attacks, deception). We must re-imagine cyberdefense. The threats are global, the impact is local—and every organization, regardless of industry, should examine strategic options to mitigate this risk to business. The old mantra “trust, but verify” has given way to the idea of a zero trust security model, which assumes the adversary is already inside the organization’s defenses. It is worthwhile to examine some options to reduce risk from APTs. With every business now a digital business, we must re-think, we must re-imagine cyber defense.” Don't forget to check out http://h0snu.hataselektrik.com/resources/news-and-trends/industry-news/2021/apts-require-enhanced-cyberdefense for more information!

55 Views • 1 year ago

Video

The Transition From “Trust But Verify” to “Zero-trust”

APTs Require Enhanced Cyberdefense Part V—Advanced persistent threats (APTs) are introduced by adversaries that possess sophisticated levels of expertise and significant resources, which allow them to achieve their objectives by using multiple attack vectors (e.g., cyberattacks, physical attacks, deception). We must re-imagine cyberdefense. The threats are global, the impact is local—and every organization, regardless of industry, should examine strategic options to mitigate this risk to business. The old mantra “trust, but verify” has given way to the idea of a zero trust security model, which assumes the adversary is already inside the organization’s defenses. It is worthwhile to examine some options to reduce risk from APTs. With every business now a digital business, we must re-think, we must re-imagine cyber defense.” Don't forget to check out http://h0snu.hataselektrik.com/resources/news-and-trends/industry-news/2021/apts-require-enhanced-cyberdefense for more information!

58 Views • 1 year ago

Video

Mitigating APT risk

APTs Require Enhanced Cyberdefense Part IV-- Advanced persistent threats (APTs) are introduced by adversaries that possess sophisticated levels of expertise and significant resources, which allow them to achieve their objectives by using multiple attack vectors (e.g., cyberattacks, physical attacks, deception). We must re-imagine cyberdefense. The threats are global, the impact is local—and every organization, regardless of industry, should examine strategic options to mitigate this risk to business. The old mantra “trust, but verify” has given way to the idea of a zero trust security model, which assumes the adversary is already inside the organization’s defenses. It is worthwhile to examine some options to reduce risk from APTs. With every business now a digital business, we must re-think, we must re-imagine cyber defense.” Don't forget to check out http://h0snu.hataselektrik.com/resources/news-and-trends/industry-news/2021/apts-require-enhanced-cyberdefense for more information!

31 Views • 1 year ago

Video

Defense Against APT attacks

APTs Require Enhanced Cyberdefense Part III—Advanced persistent threats (APTs) are introduced by adversaries that possess sophisticated levels of expertise and significant resources, which allow them to achieve their objectives by using multiple attack vectors (e.g., cyberattacks, physical attacks, deception). We must re-imagine cyberdefense. The threats are global, the impact is local—and every organization, regardless of industry, should examine strategic options to mitigate this risk to business. The old mantra “trust, but verify” has given way to the idea of a zero trust security model, which assumes the adversary is already inside the organization’s defenses. It is worthwhile to examine some options to reduce risk from APTs. With every business now a digital business, we must re-think, we must re-imagine cyber defense.” Don't forget to check out http://h0snu.hataselektrik.com/resources/news-and-trends/industry-news/2021/apts-require-enhanced-cyberdefense for more information!

81 Views • 1 year ago

Video

How Organizations Should Deal with APTs

APTs Require Enhanced Cyberdefense Part II — Advanced persistent threats (APTs) are introduced by adversaries that possess sophisticated levels of expertise and significant resources, which allow them to achieve their objectives by using multiple attack vectors (e.g., cyberattacks, physical attacks, deception). We must re-imagine cyberdefense. The threats are global, the impact is local—and every organization, regardless of industry, should examine strategic options to mitigate this risk to business. The old mantra “trust, but verify” has given way to the idea of a zero trust security model, which assumes the adversary is already inside the organization’s defenses. It is worthwhile to examine some options to reduce risk from APTs. With every business now a digital business, we must re-think, we must re-imagine cyber defense.” Don't forget to check out http://h0snu.hataselektrik.com/resources/news-and-trends/industry-news/2021/apts-require-enhanced-cyberdefense for more information!

61 Views • 1 year ago

Video

Why Organizations Should Reimagine Their Cyberdefenses

APTs Require Enhanced Cyberdefense Part I-- Advanced persistent threats (APTs) are introduced by adversaries that possess sophisticated levels of expertise and significant resources, which allow them to achieve their objectives by using multiple attack vectors (e.g., cyberattacks, physical attacks, deception). We must re-imagine cyberdefense. The threats are global, the impact is local—and every organization, regardless of industry, should examine strategic options to mitigate this risk to business. The old mantra “trust, but verify” has given way to the idea of a zero trust security model, which assumes the adversary is already inside the organization’s defenses. It is worthwhile to examine some options to reduce risk from APTs. With every business now a digital business, we must re-think, we must re-imagine cyber defense.” Don't forget to check out http://h0snu.hataselektrik.com/resources/news-and-trends/industry-news/2021/apts-require-enhanced-cyberdefense for more information!

119 Views • 1 year ago

Video

Gaining Digital Trust by Eliminating Privacy Dark Patterns

With the growing emphasis on consent for collecting and processing data, some enterprises have turned to tricking data subjects into giving their consent by using privacy dark patterns. Privacy dark patterns can manifest in numerous ways, from confusing user interface design to manipulative language. In this episode Jonathan Brandt, ISACA's Director of Professional Practices and Innovation, is joined by ISACA's Privacy Professional Practices Principal, Safia Kazi, who defines and provides examples of privacy dark patterns, their consequences, and how to avoid them. Jon and Safia also discuss how privacy dark patterns affect digital trust, which can ultimately hurt an enterprise's reputation and customers. To read the full article, Fostering Trust by Eliminating Dark Patterns click the link: http://h0snu.hataselektrik.com/fostering-trust-by-eliminating-dark-patterns. Be sure to comment, like, and subscribe for more ISACA Productions content!

531 Views • 1 year ago

Video

Building Customer Trust Through Privacy

When organizations build privacy programs that are reflective of consumers’ best interests, it builds goodwill and creates added value for the enterprise, says ISACA privacy expert Matt Stamper. Don't forget to check out http://h0snu.hataselektrik.com/ for more information!

248 Views • 1 year ago

Video

Protecting and Governing Personal Data

As more and more employees work from home, organizations will have to evolve their approaches to data privacy, including adding more credentialed privacy professionals. Don't forget to check out http://h0snu.hataselektrik.com/ for more information!

180 Views • 1 year ago

Video

Bringing Technical and Legal Privacy Professionals Together

Collaborations between technical and legal privacy professionals focused on data governance and data privacy lead to stronger privacy solutions for organizations. Don't forget to check out http://h0snu.hataselektrik.com/ for more information!

289 Views • 1 year ago

Video

Implementing the Needed Privacy Controls

Privacy credentials such as ISACA’s CDPSE certification can help practitioners ensure they are putting in place the needed technical privacy safeguards and controls. Don't forget to check out http://h0snu.hataselektrik.com/ for more information!

255 Views • 1 year ago

Video

A Seat at the Table for Privacy

Privacy is increasingly driving organizational change. Professionals who proactively seek privacy knowledge and credentials are more likely to have a seat at the table for these important conversations. Don't forget to check out http://h0snu.hataselektrik.com/ for more information!

125 Views • 1 year ago

Video

ISACA Live: Risk Scenarios

Paul Philips and Lisa Young will discuss how risk scenarios help decision-makers understand how certain events can impact organizational strategy and objectives. Good risk scenario building is a skill and can take some time to truly master. Paul and Lisa will provide actionable advice on building the best possible scenarios to help your organization better manage risk For more information check out http://h0snu.hataselektrik.com/resources/it-risk

1K Views • 1 year ago

Video

ISACA Live: Critical Infrastructure Security

ISACA's Chris Dimitriadis and the US GAO's Nick Marinos discuss the current state of critical infrastructure security, escalating threats and how to better prepare. For more information check out h0snu.hataselektrik.com/heightened-threats Subscribe for more ISACA content!

599 Views • 1 year ago

Video

ISACA Journal Turns 50!

Two long-time ISACA Journal contributors, Michael Cangemi and Steven Ross, will talk about the evolution of the industry--from what the pressing topics were back when they started contributing to the Journal to the hot topics of today. For more information, please check out - http://h0snu.hataselektrik.com/resources/isaca-journal

180 Views • 1 year ago

Video

ISACA Live: The Privacy Landscape in 2022

On Data Privacy Day, join ISACA's Safia Kazi and the "Privacy Professor," Rebecca Herold, as they discuss data privacy priorities for 2022, including: Addressing Continuing Challenges from the Privacy Past, including fax and email breaches Addressing Challenges from the Privacy Present, including IoT risk and remote work risk Addressing Privacy Challenges Yet to Come, including AI/ML and cryptocurrency For more information, be sure to check out: http://h0snu.hataselektrik.com/resources/news-and-trends/isaca-now-blog/2021/three-key-priorities-for-privacy-practitioners-in-2022

178 Views • 1 year ago

Video

Introducing ISACA's Strategic Plan

ISACA CEO David Samuelson and ISACA Board Chair Greg Touhill share insights on ISACA's new strategic plan, including digital trust, global impact, and reaching early-career professionals.

688 Views • 1 year ago

Video

ISACA Live: Ultra Emerging Tech Part IX–What is next with Emerging Technology and QA

Join ISACA's Kevin Keh, and guest, Ramses Gallego [ISACA Emerging Tech Committee Member], in the latest session of our ISACA Live series on Emerging Technology as they discuss four of the most prominent forms of ultra-emerging technologies including Quantum Computing, Nanotechnology, Internet of Behavior (IoB) and XR/VR. For each technology, they’ll dive deep into what the technology is, why it’s considered emerging and ultimately, why it’s something your organization should keep an eye on as it continues to evolve. Happy viewing! Don't forget to check out ISACA’s Certified in Emerging Technology Certification: http://h0snu.hataselektrik.com/credentialing/cet for more information

246 Views • 1 year ago

Video

ISACA Live: Ultra Emerging Tech Part VIII–Why should XR/VR matter to our viewers?

Join ISACA's Kevin Keh, and guest, Ramses Gallego [ISACA Emerging Tech Committee Member], in the latest session of our ISACA Live series on Emerging Technology as they discuss four of the most prominent forms of ultra-emerging technologies including Quantum Computing, Nanotechnology, Internet of Behavior (IoB) and XR/VR. For each technology, they’ll dive deep into what the technology is, why it’s considered emerging and ultimately, why it’s something your organization should keep an eye on as it continues to evolve. Happy viewing! Don't forget to check out ISACA’s Certified in Emerging Technology Certification: http://h0snu.hataselektrik.com/credentialing/cet for more information

173 Views • 1 year ago

Video

ISACA Live: Ultra Emerging Tech Part VII–What is XR and VR?

Join ISACA's Kevin Keh, and guest, Ramses Gallego [ISACA Emerging Tech Committee Member], in the latest session of our ISACA Live series on Emerging Technology as they discuss four of the most prominent forms of ultra-emerging technologies including Quantum Computing, Nanotechnology, Internet of Behavior (IoB) and XR/VR. For each technology, they’ll dive deep into what the technology is, why it’s considered emerging and ultimately, why it’s something your organization should keep an eye on as it continues to evolve. Happy viewing! Don't forget to check out ISACA’s Certified in Emerging Technology Certification: http://h0snu.hataselektrik.com/credentialing/cet for more information

109 Views • 1 year ago

Video

ISACA Live: Ultra Emerging Tech Part VI–Why should “internet of behaviors” matter to our viewers?

Join ISACA's Kevin Keh, and guest, Ramses Gallego [ISACA Emerging Tech Committee Member], in the latest session of our ISACA Live series on Emerging Technology as they discuss four of the most prominent forms of ultra-emerging technologies including Quantum Computing, Nanotechnology, Internet of Behavior (IoB) and XR/VR. For each technology, they’ll dive deep into what the technology is, why it’s considered emerging and ultimately, why it’s something your organization should keep an eye on as it continues to evolve. Happy viewing! Don't forget to check out ISACA’s Certified in Emerging Technology Certification: http://h0snu.hataselektrik.com/credentialing/cet for more information

44 Views • 1 year ago

Video

ISACA Live: Ultra Emerging Tech Part V–What is internet of behaviors?

Join ISACA's Kevin Keh, and guest, Ramses Gallego [ISACA Emerging Tech Committee Member], in the latest session of our ISACA Live series on Emerging Technology as they discuss four of the most prominent forms of ultra-emerging technologies including Quantum Computing, Nanotechnology, Internet of Behavior (IoB) and XR/VR. For each technology, they’ll dive deep into what the technology is, why it’s considered emerging and ultimately, why it’s something your organization should keep an eye on as it continues to evolve. Happy viewing! Don't forget to check out ISACA’s Certified in Emerging Technology Certification: http://h0snu.hataselektrik.com/credentialing/cet for more information

48 Views • 1 year ago

Video

ISACA Live: Ultra Emerging Tech Part IV–Why should Nano-technology matter to our viewers?

Join ISACA's Kevin Keh, and guest, Ramses Gallego [ISACA Emerging Tech Committee Member], in the latest session of our ISACA Live series on Emerging Technology as they discuss four of the most prominent forms of ultra-emerging technologies including Quantum Computing, Nanotechnology, Internet of Behavior (IoB) and XR/VR. For each technology, they’ll dive deep into what the technology is, why it’s considered emerging and ultimately, why it’s something your organization should keep an eye on as it continues to evolve. Happy viewing! Don't forget to check out ISACA’s Certified in Emerging Technology Certification: http://h0snu.hataselektrik.com/credentialing/cet for more information

39 Views • 1 year ago

Video

ISACA Live: Ultra Emerging Tech Part III–What is nano-technology?

Join ISACA's Kevin Keh, and guest, Ramses Gallego [ISACA Emerging Tech Committee Member], in the latest session of our ISACA Live series on Emerging Technology as they discuss four of the most prominent forms of ultra-emerging technologies including Quantum Computing, Nanotechnology, Internet of Behavior (IoB) and XR/VR. For each technology, they’ll dive deep into what the technology is, why it’s considered emerging and ultimately, why it’s something your organization should keep an eye on as it continues to evolve. Happy viewing! Don't forget to check out ISACA’s Certified in Emerging Technology Certification: http://h0snu.hataselektrik.com/credentialing/cet for more information

33 Views • 1 year ago

Video

ISACA Live: Ultra Emerging Tech Part II–Why should Quantum Computing matter to our viewers?

Join ISACA's Kevin Keh, and guest, Ramses Gallego [ISACA Emerging Tech Committee Member], in the latest session of our ISACA Live series on Emerging Technology as they discuss four of the most prominent forms of ultra-emerging technologies including Quantum Computing, Nanotechnology, Internet of Behavior (IoB) and XR/VR. For each technology, they’ll dive deep into what the technology is, why it’s considered emerging and ultimately, why it’s something your organization should keep an eye on as it continues to evolve. Happy viewing! Don't forget to check out ISACA’s Certified in Emerging Technology Certification: http://h0snu.hataselektrik.com/credentialing/cet for more information

35 Views • 1 year ago

Video

ISACA Live: Ultra Emerging Tech Part I–What is Quantum Computing?

Join ISACA's Kevin Keh, and guest, Ramses Gallego [ISACA Emerging Tech Committee Member], in the latest session of our ISACA Live series on Emerging Technology as they discuss four of the most prominent forms of ultra-emerging technologies including Quantum Computing, Nanotechnology, Internet of Behavior (IoB) and XR/VR. For each technology, they’ll dive deep into what the technology is, why it’s considered emerging and ultimately, why it’s something your organization should keep an eye on as it continues to evolve. Happy viewing! Don't forget to check out ISACA’s Certified in Emerging Technology Certification: http://h0snu.hataselektrik.com/credentialing/cet for more information

59 Views • 1 year ago

Video

ISACA Live: Ultra Emerging Tech (Full Version)

Join ISACA's Kevin Keh, and guest, Ramses Gallego [ISACA Emerging Tech Committee Member], in the latest session of our ISACA Live series on Emerging Technology as they discuss four of the most prominent forms of ultra-emerging technologies including Quantum Computing, Nanotechnology, Internet of Behavior (IoB) and XR/VR. For each technology, they’ll dive deep into what the technology is, why it’s considered emerging and ultimately, why it’s something your organization should keep an eye on as it continues to evolve. Happy viewing! Don't forget to check out ISACA’s Certified in Emerging Technology Certification: http://h0snu.hataselektrik.com/credentialing/cet for more information

346 Views • 1 year ago

Video

ISACA Live: Emerging Tech - Cloud (Short Version)

Is cloud still considered an emerging technology in 2021? Will tablets replace laptops in the remote office workforce and is cloud changing zero trust? ISACA’s Dustin Brewer asks Julia Hermann (Head of Security Architecture and Cyber Defense at Giesecke + Devrient) these questions and more in this episode of ISACA Live! Don't forget to check out http://h0snu.hataselektrik.com/resources/news-and-trends/isaca-podcast-library for more information

115 Views • 1 year ago

Video

ISACA Live: Emerging Tech - Cloud

Why is the cloud still considered an emerging technology in 2021? Why is the cloud both an enabler and catalyst for all other technologies? How has the cloud changed our organizational eco-systems? What is the future of cloud services? Join ISACA’s Chief Futurist, Dustin Brewer as he and Julia Hermann— Head of Security Architecture and Cyber Defense at Giesecke + Devrient answer these questions and more regarding our oldest emerging technology, the cloud! Don't forget to check out http://h0snu.hataselektrik.com/resources/news-and-trends/isaca-podcast-library for more information!

228 Views • 1 year ago

Video

ISACA Live: State of Cybersecurity Pt. 2

In honor of Cybersecurity month, ISACA’s Director of Communications, Kristen Kessinger, and Information Security Practices Lead, Jon Brandt, discuss the findings of this year’s ISACA State of Cybersecurity research study and what they may mean for you as both members and leaders of your IT organization. Don't forget to check out http://h0snu.hataselektrik.com/resources/infographics/state-of-cybersecurity-2021-part-2 for more information

155 Views • 1 year ago

Video

ISACA Live: Global Strategy

Join ISACA’s CEO David Samuelson as he discusses ISACA’s Global Strategy with ISACA’s Chief Global Strategy officer Chris Dimitriadis. Chris shares his career path to ISACA, industry trends, advice to the next generation and how ISACA will continue to innovate in the future! Don't forget to check out http://h0snu.hataselektrik.com/ for more information!

224 Views • 1 year ago

Video

ISACA Live Emerging Tech Session - AI

In our second LinkedIn Live stream on Emerging Tech, Dustin Brewer, Senior Director of Emerging Technology and Innovation at ISACA, and guest, Frank Downs, Senior Director of Proactive Series at BlueVoyant, discuss the ins and outs of Artificial Intelligence including why it’s considered emerging technology, how it’s used in cybersecurity and IT audit, the many different forms of AI cyberattacks, and more. Check out the highlights here! Don't forget to check out http://h0snu.hataselektrik.com/credentialing/cet/artificial-intelligence-fundamentals-certificate for more information!

285 Views • 1 year ago

Video

ISACA’s Digital Transformation Part III — The Digital Member Experience

David Samuelson and ISACA’s Chief Membership Officer, Julia Kanouse discuss the positive impact of technology on our members and the ways in which our global community has grown even closer despite the pandemic. Watch as Julia shares some takeaways from the past year, including how the success of ISACA’s virtual conferences led to the decision to make future events hybrid, showing ISACA’s commitment to being digital first and allowing the opportunity for more people to attend who may have not been able to before. David and Julia also talk about how building digital trust between ISACA and our members will play a role in areas such as future improvements to our website and its user experience. Don't forget to check out http://h0snu.hataselektrik.com/ for more information!

238 Views • 1 year ago

Video

ISACA Live with Dustin Brewer and Kristen Kessinger

Watch ISACA's Dustin Brewer tell you what you need to know about IoT now--why is it still considered an emerging tech? What are the biggest cybersecurity threats, and what opportunities will the Internet of Things bring in the next five years? Watch to find out. Don't forget to check out http://h0snu.hataselektrik.com/resources/news-and-trends/isaca-podcast-library for more information!

158 Views • 1 year ago

Video

ISACA’s Digital Transformation Part II — People, Process, and Technology

David Samuelson is back and continuing his discussion of ISACA’s Digital transformation. This time David interviews members of ISACA’s IT team — CTO, Simona Rollinson; Sr. Director, Application Development, Sean Ways; and Sr. Director of Enterprise Project Management, Amy Witkowski. Listen in as they discuss ISACA’s new, customer-centric CMS and how we have and will rely on technology through the pandemic and beyond. The team also explains how ISACA has recruited the right talent to staff up for the programs of the future through the power of “people, process, and technology”. Don't forget to check out http://h0snu.hataselektrik.com/ for more information!

239 Views • 1 year ago

Video

ISACA’s Digital Transformation Part I —Positive Potential of Technology

Join ISACA’s CEO David Samuelson as he discusses the positive potential of technology with ISACA’s Chief Product Officer, Nader Qaimari. Listen in as Nader explains how ISACA’s newest certifications (Emerging Technology and Information Technology) were built with performance based testing and gamification to help beginners and young professionals get started in the IT field. Providing this new learning will help hiring managers who are struggling to find the right candidates due to these missing skills gaps. David and Nader also discuss ISACA’s new unified learning platforms that are scalable and supports the needs of our global members. Don't forget to check out http://h0snu.hataselektrik.com/ for more information!

345 Views • 1 year ago

Video

Industry Spotlight: Mark Thomas

In 2019, Mark Thomas was on the road 40 weeks in 18 US states and 13 countries. In 2020, he pivoted to a workstyle of 1 location, 1 state and 1 country. He tells ISACA's Jessica Barnett that he was actually prepared for a pandemic-type of event that stopped travel in his business plan. Mark and Jessica dive deep into his career journey and their shared history of developing ISACA training content. He also was the CIO of a telecommunications startup that was all remote pre-pandemic. Mark is an accredited ISACA trainer and shares his advice on what credential you should get and how to grow your career. Tune in now to hear Mark's exciting story! Visit markthomasonline.com for more information on Mark. Visit hataselektrik.com/podcasts for my ISACA podcasts. Be sure to like, comment, and subscribe for more ISACA Productions content!

410 Views • 1 year ago

Video

US DoD’s CMMC Guidelines — What You Need to Know

Cybersecurity Maturity Model Certification or CMMC is a new security program being released by the US DoD. If you are a DoD contractor, your livelihood could be at stake as contract requirements and contractors will need to be certified or a contract won’t be awarded. Listen in as TelaTek's Director of Operations, Johann Dettweiler breaks down these new requirements published in his latest journal article with ISACA's CMMI Professional Practice Lead, Kileen Harrison. Johann discusses the importance of all organizations —big or small—going through the different levels of security in the CMMC guidelines, starting at Level 1 and working their way up. What is the most important thing an organization needs to get started? The ability to read, familiarize and understand the different levels of CMMC otherwise, they won’t know how to implement it in their organization and will have to hire a third party. These CMMC requirements are here to stay and will only continue to get more stringent the more hacks and attacks keep increasing. Don't forget to check out http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2021/volume-4/what-government-contractors-should-know-about-the-us-dods-cmmc-guidelines for more information!

124 Views • 2 years ago

Video

Security As A Service

What is security as a service and when is it needed? Tune in as ISACA’s Cyber Pros explain how the increase in hacks and attacks are forcing companies to take cyber security more seriously. The bad news is, there is a lack of cyber security professionals in the field and those who do have the necessary skillset to manage a company’s security are becoming more and more costly. Academia is trying to help get the security workforce up to speed quickly, but they are failing. Until we see an influx of new and skilled cyber security professionals, security as a service is an option that can save your company both time and money and help assure that your company’s data and information is safe and secure. For more information, check out ISACA’s State of Cybersecurity 2021: http://h0snu.hataselektrik.com/go/state-of-cybersecurity-2021

85 Views • 2 years ago

Video

IT Audit in Practice: Survival When You are Small-business Continuity and Resilience

Everyone needs a resilient operating model, and the pandemic has been the reality check showing how necessary it is to have a plan. Was your small-business or corporation prepared for the shift to remote work in early 2020? If not, you probably realized that business continuity is more than having the right systems and applications in place. The most important factor is people! Although both large and small enterprises have accommodated and adapted, the smaller organizations with fewer resources and time have faced equal or greater hurdles when it comes to this type of planning. Join ISACA’s IT Professional Practices Lead, Kevin Keh, as he interviews Cindy Baxter, Director, What’s the Risk, LLC and discusses the importance of having a business continuity and resilience plan for your business. Cindy discusses consistently updating your crisis team and notification systems, the importance of allowing an auditor to fully understand your business, accepting critical feedback throughout the entire audit process vs. waiting for the final report and more! Cindy also mentions how small business owners and employees shouldn’t get defensive or take the findings personally. Remember, the value comes not in the result, but in the adoption of the results and recommendations. For more information on this topic, download ISACA’s IT Business Continuity/Disaster Recover Audit Program here: shorturl.at/uLZ16

117 Views • 2 years ago

Video

Privacy-Preserving Analytics and Secure Multiparty Computation

Organizations are increasingly concerned about data security in several scenarios, including collecting and retaining sensitive personal information; processing personal information in external cloud environments, and information sharing. Commonly implemented solutions do not provide strong protection from data theft and privacy disclosures. Privacy and risk management professionals are particularly concerned about the privacy and security of data analytics that are shared externally. Compliance of privacy regulations such as the US State of California Consumer Privacy Act (CCPA), the EU General Data Protection Regulation (GDPR) and other emerging regulations around the world require techniques for secure processing of sensitive data. Listen in as ISACA’s Safia Kazi interviews Chief Security Strategist and data protection expert, Ulf Mattsson on the latest on privacy-preserving techniques. Don't forget to check out http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2021/volume-2/privacy-preserving-analytics-and-secure-multiparty-computation for more information!

175 Views • 2 years ago

Video

Why should I listen to you?

Why should you listen to ISACA’s CyberPros? Find out as Dustin Brewer and Frank Downs explain how they got started in the cybersecurity field and grew their knowledge and experience to become the cyber professionals they are today. Dustin and Frank discuss their traditional and non-traditional paths to learning, their experience working in the US government and the importance of earning a certification and continuing your education. Want to know how to get started in Cybersecurity? Start here by listening to this podcast. Don't forget to check out http://h0snu.hataselektrik.com/resources/news-and-trends/isaca-podcast-library for more information!

73 Views • 2 years ago

Video

ISACA Live with Dustin Brewer and Kristen Kessinger (short version)

Watch ISACA's Dustin Brewer tell you what you need to know about IoT now--why is it still considered an emerging tech?

2 years ago

Video

Cybersecurity Isn’t Real, Right? Wrong!

Every day, the risk of cyber and ransomware attacks regularly increases in frequency and danger. But despite the proof in numbers, many organizations still don’t recognize the need to fortify their fortress and improve the strength of their Cybersecurity practices. This is because the leadership of many organizations don’t understand cybersecurity or even want to understand it. That is —until it is too late. In this episode, ISACA’s Cyber Pros, Dustin Brewer and Frank Downs explain the importance of cybersecurity and provide real world examples of why it pays to be proactive, not reactive when it comes to your company’s security. In the end, it will not only save your company a ton of time and money, but may even save your company! Interested in learning more on this topic Check out ISACA’s State of Cybersecurity 2021 report at http://h0snu.hataselektrik.com/go/state-of-cybersecurity-2021 .

182 Views • 2 years ago

Video

Just the Fax on Cybersecurity

Is your home printer or fax machine an IOT device? You bet it is! Dubbed ‘Faxploit’, research has shown how cyber criminals can infiltrate any home or corporate network by exploiting wireless printers and fax machines. A fax numbers is all it takes to launch this type of attack. Listen in as Cyber Pros, Dustin Brewer and Frank Downs discuss the need for these home devices, how—they too—are at risk of being hacked and their best suggestions on how to mitigate this vulnerability. So fill your paper tray, test your fax connection and press play…it’s time for a Cyber Pros breakdown! Don't forget to check out http://h0snu.hataselektrik.com/resources/news-and-trends/isaca-podcast-library for more information!

127 Views • 2 years ago

Video

Advanced Security for secret information

Listen in as ISACA Journal columnist, Steven Ross, CISA, CDPSE, AFBCI, CISSP, MBCP, delves deeper into his latest article, “Advanced Security for Secret Information.” As a follow up to his two previously published journals, “Keeping Secrets,” and “Secrets and Privacy,” Ross continues to make the case that the protection of secret information is becoming a significant issue in cybersecurity. All companies —no matter how small— need some form of a security program to protect their secret information. However, the security that is currently in place to protect those secrets are oftentimes insufficient. Steven discusses the use of encryption and extended monitoring to keep the “bad guys” at bay from stealing your important information. Don't forget to check out http://h0snu.hataselektrik.com/resources/isaca-journal/issues/2021/volume-3/advanced-security-for-secret-information for more information!

210 Views • 2 years ago

Video

CMMI Tech Talk: Model Deep Dive: Workforce Empowerment (WE) Practice Area

Video

Data Quality Practice Area Overview

Video

In Pursuit of Digital Trust – Alon Amit

Video

In Pursuit of Digital Trust – Francisco Guimaraes

Video

ISACA Live: Advancing Digital Trust Through Cybersecurity

Video

What does Digital Trust Mean to You? Alex Feng Testimonial

Video

What does Digital Trust Mean to You? Scott Bauman Testimonial

Video

What does Digital Trust Mean to You? Ria Bluitt Testimonial

Video

What does Digital Trust Mean to You? Chris Madeksho Testimonial

Video

What does Digital Trust Mean to You? Charlotte Harris Testimonial

Video

What does Digital Trust Mean to You? Martin Poipoi Testimonial

Video

What does Digital Trust Mean to You? Julie Chatman Testimonial

Video

What does Digital Trust Mean to You? Tamara Lauterbach Testimonial

Video

What does Digital Trust Mean to You?

Video

ISACA Live | State of Digital Trust 2022: What It Means for You and Your Organization

Video

In Pursuit of Digital Trust – Tamara Lauterbach (Short)

Video

In Pursuit of Digital Trust – Tamara Lauterbach

Video

In Pursuit of Digital Trust – Anthony Ayo

Video

In Pursuit of Digital Trust – Anthony Ayo (Short)

Video

In Pursuit of Digital Trust – Shea Nangle

Video

In Pursuit of Digital Trust – Shea Nangle (Short)

Video

In Pursuit of Digital Trust – Julie Chatman

Video

In Pursuit of Digital Trust – Julie Chatman (Short)

Video

ISACA: Introduction to Digital Trust Online Course_38

Video

Digital Trust: The Bigger Picture

Video

ISACA: Introduction to Digital Trust Online Course_25

Video

Digital Trust - Many Ways

Video

What does Digital Trust Mean to You?

Video

Digital Trust Requires All Hands on Deck—But the ROI Is Worth It

Video

ISACA: Introduction to Digital Trust Online Course_70

Video

What does Digital Trust Mean to ISACA?

Video

ISACA Member Benefits and Community

Video

Move Your Career Forward with ISACA’s Member-Exclusive Benefits

Video

Member Get a Member (MGAM) - Testimonials

Video

A Conversation with ISACA’s New CEO Erik Prusch

Video

Spotlighting the Member-Exclusive Speaker Series

Video

3 Keys to Engagement!

Video

Discover the Value of an ISACA Membership

Video

How to Become an ISACA Member

Video

Why I Renew My Membership with ISACA