535.6K
Downloads
302
Episodes
The ISACA Podcast gives you insight into the latest regulations, trends and threats experienced by information systems auditors and governance and security professionals. Whether you are beginning your career or have decades of experience, the ISACA Podcast can help you be better equipped to address industry challenges and embrace opportunities.
Episodes
Tuesday Sep 17, 2024
Addressing SAP Security Gaps
Tuesday Sep 17, 2024
Tuesday Sep 17, 2024
SAP systems are treated differently than many other enterprise applications from a cybersecurity perspective. Most SAP security teams are siloed and left to meet security objectives on their own. Since SAP is so integral to organizations, it is unusual for SAP security objectives to not be on the radar of an existing 24/7 cybersecurity team executing response actions for Linux or Microsoft environments. SAP teams must be integrated w
SAP systems are treated differently than many other enterprise applications from a cybersecurity perspective. Most SAP security teams are siloed and left to meet security objectives on their own. Since SAP is so integral to organizations, it is unusual for SAP security objectives to not be on the radar of an existing 24/7 cybersecurity team executing response actions for Linux or Microsoft environments. SAP teams must be integrated with other cybersecurity groups within an organization to empower them with a security approach that unifies the entire enterprise landscape.
A chief information security officer (CISO) has many priorities, but when it comes to SAP environments, CISOs must fully understand how SAP applies to the IT enterprise and organizational environment to help them achieve all security goals. In addition, CISOs need to know their SAP team members personally so they can integrate them rather than contain them in silos. Finally, SAP must be secured to the same degree as other enterprise applications. When there is a Linux, Microsoft, or even a hybrid cloud incident, cybersecurity teams have a detailed plan of action upon which they are ready to act. SAP requires high-level consideration, or critical elements of the business will be vulnerable to malicious cyber actors—with no apparent response.
Wednesday Jul 24, 2024
What Enterprises Need to Know About ChatGPT and Cybersecurity
Wednesday Jul 24, 2024
Wednesday Jul 24, 2024
Many people are pondering whether generative artificial intelligence (AI) tool ChatGPT is a friend or a foe.
In this ISACA podcast episode, Camelot Secure Director of Solutions Engineering Zachary Folks discusses not only his view of how ChatGPT can be considered an evolution of the encyclopedia, but importantly how it is aiding cybersecurity professionals and the overall goal of enterprise security, as well as how cybercriminals who want to exploit it can leverage it as well. He believes the world is entering a time when AI is fighting AI, and security professionals must focus on feeding ChatGPT technology more relevant data faster than the adversary. Folk also addresses how AI is affecting social engineering and his predictions for upcoming AI developments.
Thursday May 30, 2024
The Cyber Standard Podcast - Episode 4
Thursday May 30, 2024
Thursday May 30, 2024
Welcome to Episode 4 of "The Cyber Standard Podcast"!
Join host Ameet Jugnauth, Vice President of the London Chapter of ISACA, as he delves into the world of cybersecurity standardization. In this episode, titled "Becoming a License Body," Ameet is joined by esteemed guests Bryan Lillie, Strategic Technical Lead at the UK Cyber Security Council, and Peter Leitch, Co-Founder and Managing Partner at ANSEC. Together, they explore the intricacies of licensed bodies in shaping the cyber profession. Don't miss this insightful conversation!
Explore Further:
Delve deeper into the subject with additional resources provided in the episode description.
Thursday Apr 25, 2024
The Cyber Standard Podcast - Episode 3
Thursday Apr 25, 2024
Thursday Apr 25, 2024
Welcome to Episode 3 of "The Cyber Standard Podcast"!
Join host Ameet Jugnauth, Vice President of the London Chapter of ISACA, as he delves into the essential aspects of applying for and assessing candidates in the cybersecurity field. In this episode, titled "How to Apply," Ameet is joined by distinguished guests Ethan Duffell, representing the UK Cyber Security Council, and Allan Broadman, Director of CyberAdvisor London. Together, they shed light on the launch of specializations and the significance of professional standards in the cybersecurity sector. Don't miss this insightful conversation!
Explore Further:
Delve deeper into the subject with additional resources provided in the episode description.
Wednesday Apr 24, 2024
Effective Third Party Risk Management in 2024: AI’s Impact and Future Trends
Wednesday Apr 24, 2024
Wednesday Apr 24, 2024
Traditional security questionnaires just aren't cutting it anymore.
Tune into this ISACA Podcast episode, Chris McGowan chats with VISO TRUST CEO and Co-founder, Paul Valente as they delve into the evolving landscape of Third-Party Risk Management (TPRM), exposing the limitations of current methods and exploring how emerging AI trends are shaping a more secure future and driving more effective third-party risk management programs.
To learn more about VISO Trust please go to https://visotrust.com/
Wednesday Apr 03, 2024
Unlocking Strategic Value from a Bug Bounty Program
Wednesday Apr 03, 2024
Wednesday Apr 03, 2024
Are you curious about how to maximize the strategic value and impact of your bug bounty program?
In this episode, you can learn how Adobe continuously develops and improves its bounty program to engage security researchers and hackers globally and improve its security posture from an adversary perspective.
In this ISACA Podcast, Chris McGown, ISACA's Information Security Professional Practices Principal, chats with Alex Stan, Product Security Engineer and member of the Product Security Incident Response Team (PSIRT), discusses the value of bug bounty programs and shares how you can develop a metrics-driven approach to enhance the internal security testing and detection capabilities of your organization.
Explore Further: Delve deeper into the subject with additional resources
https://blog.developer.adobe.com/adobe-recap-2023-ambassador-world-cup-final-four-df701e1a1b12
Thursday Mar 28, 2024
The Cyber Standard Podcast - Episode 2
Thursday Mar 28, 2024
Thursday Mar 28, 2024
Welcome to Episode 2 of "The Cyber Standard Podcast"!
Join host Ameet Jugnauth, Vice President of the London Chapter of ISACA, as he delves into the intricacies of cybersecurity standardization. In this episode, titled "Audit and Assurance," Ameet is joined by esteemed guests Leanne Sperry, Project Manager for Standards Development at the UK Cyber Security Council, and Mike Hughes, the ISACA Immediate Past President for ISACA Central UK. Together, they explore key challenges, lessons learned, and insights from related workshops in the realm of Audit and Assurance. Don't miss this insightful conversation!
Explore Further:
Delve deeper into the subject with additional resources provided in the episode description.
Wednesday Feb 28, 2024
The Cyber Standard Podcast - Episode 1
Wednesday Feb 28, 2024
Wednesday Feb 28, 2024
Tune in to the inaugural episode of "The Cyber Standard Podcast," “The Vision!”
Join host Ameet Jugnauth as he interviews Robin Lyons, ISACA Principal, IT Audit Professional Practices, and Annmarie Dann, Director of Professional Standards at the UK Cyber Security Council, in a compelling discussion about the standardization of specialisms in cybersecurity. Explore the Council's and ISACA's visions for the future, the significance of the Audit & Assurance specialism, and the collaborative efforts between the two organizations. Don't miss this insightful conversation that sets the stage for the podcast's journey into the world of cybersecurity standardization.
Explore Further: Delve deeper into the subject with additional resources provided in the episode description.
Wednesday Feb 21, 2024
Measuring Security Risk Against Dynamic Threats
Wednesday Feb 21, 2024
Wednesday Feb 21, 2024
Getting dressed is a routine example of everyday life packed with choices. Should I wear pants or shorts? Do I need a sweater? Shoes or sandals? While we often make these choices subconsciously, even actions that don’t appear as choices include several microscopic risk-based calculations.
These judgments are executed based on some estimate of risk, and as known in the cybersecurity industry, what is believed to be safe today may no longer be safe tomorrow (or possibly even within the hour). Given this unique challenge, how do you establish a process that allows you to identify, analyze, prioritize, and treat security risks that are constantly evolving and where the threat is persistently adapting?
In this podcast, ISACA's Lisa Cook discusses with Adobe's Matt Carroll, Senior Manager of Technology Governance, Risk, and Compliance the risk methodology and practices his team has developed at Adobe that have helped the company rapidly measure security risk in a constantly changing landscape.
Wednesday Feb 14, 2024
Reflecting on 25 Years of Information Security Matters
Wednesday Feb 14, 2024
Wednesday Feb 14, 2024
ISACA recently marked the 25th anniversary of Steve Ross’ ISACA Journal Information Security Matters column. Over the last quarter century, technology, security, and the workforce have evolved, while certain challenges remain the same.
In this ISACA Podcast episode, Safia Kazi speaks to Steve about how he started writing for the Journal, societal shifts in security perceptions, and how writing skills are invaluable for anyone in the security industry.