August 11, 2022
Cybersecurity leader, author, and host of the CISO Stories podcast, Todd Fitzgerald sits down with ISACA’s Chelsey Byrd to discuss his extensive career journey in security, his best-selling book, CISO COMPASS, and how a make-believe FBI club connects directly to his career passions today.
As one of ISACA’s top-rated speakers, Todd gives tips and techniques for the best way to prepare for a speaking event, how to engage the audience, and some entertaining moments and behind-the-scenes accounts from conferences!
Named the Chicago CISO of the Year and ranked Top 50 IS Executive in 2016 and 2017, Todd offers listeners his best career advice, ways to stay aware of current business trends, and much more.
Listen now to this episode of ISACA’s Industry Spotlight.
To listen to CISO Stories, visit https://securityweekly.com/category-shows/the-ciso-stories-podcast/.
To listen to more ISACA Podcasts, visit www.isaca.org/podcasts.
August 9, 2022
A strong audit and assurance function is critical to achieving digital trust in an organization. This conversation spotlights audit's role in digital trust and outlines key priorities. It also shares new ISACA resources for auditors.
For more information, go to https://isaca.org/digital-trust
![Managing Security Across Disparate Database Technologies]()
August 4, 2022
We usually think about the most efficient way to do things while working in production environments. Still, often employees forget about an insecure environment once the work has been completed and they have moved on to another project.
“We don’t always need to audit things; sometimes you can gauge risk by having a conversation with stakeholders…on how they manage databases,” says Adam Kohnke, Cybersecurity Architect for Charter Next Generation.
Adam joins ISACA’s Jon Brandt in this episode to discuss his recently released ISACA Journal article, “Managing Security Across Disparate Database Technologies.” Adam breaks down best practices for User Access Management, Encryption, and Logging. He comments on the best ways to start the conversation about security beyond what management considers vital for IT.
Tune in now for the full episode!
To read the full article, visit www.isaca.org/managing-security-across-disparate-database-technologies.
To listen to more ISACA podcasts, visit: www.isaca.org/podcasts
August 2, 2022
AI is a part of our everyday life. What's The Risk LLC's Cindy Baxter gives ISACA's Kevin Keh examples of modern media like the movies Free Guy, Ron’s Gone Wrong and The Matrix, and how they relate to AI-related risk factors, and they ask the questions, what is true? what is the data we are looking at? AI is about data accuracy and reputational risk, and Cindy discusses how to manage frameworks, create meaningful check points and intended outcomes six months or 2 years later that are spot on for what an organization intended. Cindy strongly believes that you always get a better outcome with diversity, because people from diverse backgrounds and life experiences create different ways to learn and produce innovative ideas and avoid rework.
To read Cindy's full article, visit: www.isaca.org/implementing-emerging-technologies
To listen to more ISACA podcasts, visit: www.isaca.org/podcasts
July 28, 2022
ISACA's risk expert Paul Phillips and Richard Hollis, CEO of Risk Factory and an ISACA Conference Europe speaker, examine top cyber risks impacting the supply chain, steps organizations need to take to manage supply chain risk, and important steps to take in the contract process.
Be sure to like, comment, and subscribe for more ISACA Productions content.
July 26, 2022
On this episode of Industry Spotlight, ISACA's outgoing Board Chair, Greg Touhill, introduces the 2022-23 Board Chair, Pam Nigro. They trade stories from their careers, Pam's thoughts on the future of ISACA, how Game of Thrones relates to Cybersecurity, and Greg shares his favorite moments from his tenure.
To read Pam's welcome letter, go to: www.isaca.org/letter-from-the-incoming-board-chair
To listen to more ISACA Podcasts, go to: www.isaca.org/podcasts
July 21, 2022
In this episode, ISACA’s Jon Brandt chats with Thomas Lenzenhofer, Business Development Manager at Cisco, about his new ISACA article titled, “The Impact of People on Today’s Information Security Landscape.”
With over 20 years of industry experience, Thomas has a wealth of knowledge to share with ISACA listeners. The security of an organization is a serious matter, and Thomas gives a vivid scenario from his recent ISACA Journal article about how an attack on a country's health care system could be massively disruptive to the daily functions of staff computer systems, possibly causing employees not to receive payroll. Thomas also gives examples of how to properly train staff to avoid an event like this and says that security is a business enabler from the top-down. Tune in now!
To read Thomas' ISACA article, visit: www.isaca.org/impact-of-people-on-information-security-landscape
To listen to more ISACA podcasts, visit: www.isaca.org/podcasts
July 19, 2022
Executive Director for GRC for Intelligent Ecosystem (GRCIE) Jenai Marinkovic joins ISACA Director of Professional Practices and Innovation Jon Brandt to address key findings in ISACA's 2022 State of Cybersecurity report and talk about GRCIE program. In this two-part program, they delve into program creation, services offered, student selection and how ISACA research continues to shape their work.
For more information about GRCIE, visit https://www.grcie.org/
Be sure to like, comment, and subscribe for more ISACA Productions content
July 14, 2022
Executive Director for GRC for Intelligent Ecosystem (GRCIE) Jenai Marinkovic joins ISACA Director of Professional Practices and Innovation Jon Brandt to address key findings in ISACA's 2022 State of Cybersecurity report and talk about GRCIE program. In this two-part program, they delve into program creation, services offered, student selection and how ISACA research continues to shape their work.
For more information about GRCIE, visit https://www.grcie.org/
Be sure to like, comment, and subscribe for more ISACA Productions content
![Smarter Testing = Safer Digital Experiences]()
July 12, 2022
Application testing is a critical component of a software development lifecycle. A complete testing battery for any application includes not only functionality and usability testing but security and reliability testing as well. However, helping ensure that security testing in particular produces results that focus on actionable items – with accurate relative priorities – has been a persistent challenge. Are actionable items from testing actually going to move the needle in terms of product quality and resilience – especially in how they manage evolving threats? While the “OWASP Top 10” and “CWE/SANS Top 25” are still important, they represent merely a reasonable beginning to a security testing strategy. How do you go beyond those lists and become truly more “adversary-aware” in testing? In addition, how do you make sure that these testing efforts genuinely help your development teams “shift left” in their thinking and implementation of better security controls in your applications? These are challenges Adobe set out to solve by not just making our testing efforts more extensive or frequent – but smarter, and with as tight of alignment as possible to the software development lifecycle and even closer in modeling real-world adversary threats.
We invite you to join Shannon Lietz, VP, Adobe Security, as she speaks with ISACA's IT Audit Professional Practices Principal, Robin Lyons for a discussion of these issues and others that we must address as an industry to make us genuinely more “DevSecOps”-minded in our approach to application security testing. Robin and Shannon will discuss Adobe’s overall strategy around our application testing efforts and how smarter testing is fundamental to achieving a true “shift left” approach around application security. They will also talk about how this effort is really going to help us deliver the safer digital experiences users are demanding.
For more information go to https://trust.adobe.com
Be sure to like, comment, and subscribe for more ISACA Productions content.
