ISACA Podcast

Understanding product security risk starts before a single code line is written. Teams can discover threats to the architecture of a system early in the development life cycle with Threat Modeling. While it’s not a new concept, how do we transform traditional ways of Threat Modeling to meet the complexities of modern software development at scale?

In this ISACA Podcast episode, Chris McGowan chats with Lauren Strope, Manager of Application Security at Adobe. Lauren offers her expertise on strategies for scaling your program and provides unique perspectives on the future of Threat Modeling.

Learn more about Adobe at www.adobe.com

For more ISACA Podcasts, please visit https://www.isaca.org/resources/news-and-trends/isaca-podcast-library 

Security risks introduced by vendors have become a top-of-mind concern for executives today, driven by recent supply chain incidents that have exposed organizations to operational and reputational risks.

A robust vendor security program is now a must, as it helps ensure compliance and proactively identifies and mitigates these risks throughout the vendor lifecycle. However, many vendor security teams today face an ever-growing backlog of security reviews, creating increased urgency and pressure for teams to maintain quality assessments. These reviews are often perceived as time-consuming in the procurement process, calling for a balance between meeting business demands and conducting thorough assessments to identify and isolate potential risks.

In this ISACA Podcast, Adobe's Manager of Vendor Security Nidhi Bandi shares about recent enhancements Adobe has made to calculate risk in the vendor space better and provides guidance on how you can stand up a strong vendor security program that balances procurement needs at your organization.

Learn more about Adobe at https://www.adobe.com/

Listen to more ISACA Podcasts at https://www.isaca.org/resources/news-and-trends/isaca-podcast-library 

If we want people to bring their most creative, innovative selves to work, we need to cultivate a culture where inspiration is given, encouraged, and fostered.

In this ISACA Podcast, Kristi Hedges, executive coach, and leadership development consultant, speaker, and author, gives a sneak peek of her upcoming member-exclusive 'Cultivating Inspired Leaders, a CPE-eligible event. At the event, Kristi Hedges will provide a roadmap for building an inspired mindset for leaders, teams, and individuals.

Register for this ISACA event at https://www.isaca.org/membership/member-exclusive-speaker-series

Neurodiversity within cybersecurity offers many benefits but requires organizations and hiring managers to re-evaluate hiring practices and job descriptions typically structured for neurotypical applicants.

Join ISACA's Director of Professional Practices and Innovation as he hosts a conversation with a company helping to remove barriers and maximize the value neurodiverse talent brings to cybersecurity.

For more ISACA Podcast, go to https://www.isaca.org/resources/news-and-trends/isaca-podcast-library 

Agile Scrum is a lightweight framework that promises to significantly improve internal audits by creating a mindset that generates stakeholder value through adaptive solutions for complex auditing problems. This mindset is needed as organizations face unprecedented changes and pressures in today's business landscape. Internal audits must keep leaders informed and aware of potential risks.

Such a mindset addresses some of the often-experienced auditing challenges such as a lack of senior management support, insufficient audit preparation time, difficult auditees and lack of time needed to write audit results.

Featuring special guest Thomas Bell and hosted by ISACA's Robin Lyons.

Chronic workplace stress can lead to burnout, which poses a significant risk to the mental health of busy professionals, such as auditors. But how can these professionals protect themselves from burnout? And how can their employers help them do so? If you are interested in learning the answers to these questions, then watch as ISACA’s Robin Lyons and Dr. Elena Klevsky, Assistant Professor of Accounting at the University of Tampa, discuss strategies for avoiding burnout.

Inspired by the Sustainable Model of Human Energy proposed by Ryan Quinn, Gretchen Spreitzer and Chak Fu Lam, these strategies focus on managing your personal energy by increasing resources, decreasing job demands, practicing skills and tasks, and monitoring energy.

Properly implementing these strategies has the potential to help busy professionals ensure that they have sufficient resources to meet their job demands, and, therefore, increase the likelihood that they feel energized instead of exhausted.

While users of technology are becoming more educated in how to avoid cyberattacks such as phishing, a distracted user might be more prone to missing signs of social engineering. This project explored whether users immersed in augmented reality applications were more inclined to fall for an on-screen text message that prompted familiarity (such as a friend calling in) or urgency (such as a warning to update software or be subject to an automatic device re-boot within a certain timeframe).

Featuring special guest Sarah Katz and hosted by ISACA's Collin Beder.

A comprehensive information security awareness program must be in place to ensure that employees are aware of and educated about the threats they may encounter at the workplace. The workforce needs to be prepared to know how to respond to these threats. It all starts with a risk assessment to identity the most critical of risks that need to be mitigated through preparedness. Making security a part of the organization’s culture reduces these risks to an acceptable level.

Featuring special guest Chris Madeksho and hosted by ISACA's Lisa Cook.

This podcast speaks about how an Information Systems (IS) Auditor can prepare for the Interruptions, Disruptions and the Emergence events that happen to the business and to technology.

Describing the features of Interruptions, Disruptions and Emergence events and distinguishing the differences between them, special guest Anantha Sayana outlines how the IS Auditor can prepare, react, and contribute to all the three.

Hosted by ISACA's Hollee Mangrum-Willis.

On this podcast, ISACA's Hollee Mangrum-Willis and special guest Cindy Baxter discuss the disparities between American communities and access to electronic health records. From there, they examine how key data insights from the ISACA community can help us all be healthier.