ISACA Podcast
How Do Organizations Control Their Use of Social Media

How Do Organizations Control Their Use of Social Media

January 10, 2022

What are the main risks that most enterprises need to consider when it comes to social media? If you don’t know, you and your organization are in danger of serious reputational risk! Watch as ISACA’s IT Governance Job Practice Lead, Lisa Villanueva discusses the risks of social media with Robert Findlay, Global Head of IT Audit at Glanbia. Social media is one of the easiest platforms to hack and it isn’t just from external threat actors. Oftentimes, the hack is coming from inside the organization from current and recently released employees. And remember, it doesn’t matter who hacks into your social platform, it is your enterprise that gets the blame and negative press. Robert and Lisa also discuss the current state of security on social media platforms and how organizations can benefit by bringing in auditors to show how to control the management of social media and avoid these pitfalls.

Don't forget to check out https://www.isaca.org/resources/isaca... for more information!

From the Board Level to the Code Level

From the Board Level to the Code Level

January 5, 2022

Blake Curtis is a global business risk and security engineer for Deloitte Global and a research scientist completing his Ph.D. in cybersecurity and risk management. Today he breaks down frameworks, governance, and governmental controls from the board level to the code level. ISACA's Lisa Villanueva then asks him about years of experience vs. years of exposure as he gives his solution for the industry skills gap. In addition, he gives us some history on ISACA and CISA. Press play now to get into it with Blake!

A note from the author: Blake Curtis

Blake is asking for listeners' assistance in completing his research by taking a quick survey. He is collecting responses from IT auditors; however, we also collect survey responses from IT professionals and cybersecurity practitioners. To learn more please read below.

Your Choice: Anonymity or Engagement 

The participants' responses will remain anonymous. As a result, no one will be able to identify them or their answers. Additionally, no one will know whether they participated in the study unless they received a certificate of completion and decide to share it via social media or other media sources.

However, we strongly encourage each participant to share their certificate on LinkedIn and share the survey with other candidates. Their contributions will inform the scientific body of research and potentially influence equitable hiring decisions in the Governance, Risk, and Compliance (GRC), Cyber, and Audit professions.

Get CPE Credit! 

Participants will have the option to receive a certificate of completion at the end of the survey. They may be able to use this certificate to receive Continuing Professional Development (CPD) or Continuing Professional Education (CPE) units.

Take this survey/assessment, earn CPE credit and help Blake with this market research! https://cyberauditor.questionpro.com

To reach the full article, please check out https://www.isaca.org/resources/isaca-journal/issues/2021/volume-6/how-to-construct-a-governance-system-from-the-board-level-to-the-code-level

ISACA Cyber Pro Chats with Naomi Buckwalter

ISACA Cyber Pro Chats with Naomi Buckwalter

January 4, 2022

ISACA’s Cyber Pro, Jon Brandt, invites information security guru, Naomi Buckwalter, Director of Information Security and IT to the podcast to discuss hot and heavy topics within Cybersecurity and the IT industry. Listen in as they hash out the current and future trends. 

What Will it Take to Reach DevSecOps Maturity?

What Will it Take to Reach DevSecOps Maturity?

January 3, 2022

While our development teams have been busy running full speed ahead using the latest and greatest technology to build amazing products, security teams haven’t always been known to keep the same pace – and we have reached a point of “developer revolt.” Security teams are still too often viewed as producers of “design constraints” by development teams versus “reliable partners” in helping them build better software. The path to changing this is getting security more tightly integrated into the DevOps pipeline – and working to make security even more of everyone’s responsibility. In this podcast Shannon Lietz, Adobe’s VP of Vulnerability Labs, will discuss some of the opportunities for security teams to become trusted partners, providing a roadmap for how DevSecOps needs to evolve to reach necessary maturity, and discuss some of the efforts that can help the broader security industry get better at this essential security muscle.

Emerging Tech Session #5 - Ultra-Emerging Tech

Emerging Tech Session #5 - Ultra-Emerging Tech

December 22, 2021

Join Kevin Keh, IT Professional Practices Lead - Research Development for ISACA, and guest, Ramses Gallego, International Chief Technology Officer for CyberRes in the latest session of our LinkedIn Live series on Emerging Technology as they discuss four of the most prominent forms of ultra-emerging technologies including Quantum Computing, Nanotechnology, Internet of Behavior (IoB) and XR/VR. For each technology, they’ll dive deep into what the technology is, why it’s considered emerging, and ultimately, why it’s something your organization should keep an eye on as it continues to evolve. Happy viewing!

Security Operations Challenges in 2021

Security Operations Challenges in 2021

December 9, 2021

ISACA’s Director, Channel Business Development, Chris DeMale is joined by ServiceNow’s Director of Product Marketing, Karl Klaessig in this follow up interview that takes a deeper look into his presentation during ISACA’s Virtual Summit session, Security Operations Challenges in 2021. The presentation discussed how opportunistic and tenacious cybercriminals can be. Klaessig takes explores how dissecting attackers' behavior and automating responses can better defend your attack surface.

Information Security Programs Need to be Ubiquitous, Proactive, and Vigilant

Information Security Programs Need to be Ubiquitous, Proactive, and Vigilant

December 7, 2021

This ISACA TV interview is a discussion about information security concerns (and challenges), evolution, and the future. Topics covered include mobile computing devices, the Internet of Things (IoT), artificial intelligence (AI), cyber threat intelligence (CTI), software tools, and malware. Threats, risk, safeguards, and countermeasures will be reviewed along with some new ideas and approaches. Tune in as ISACA’s Information Security Professional Practices Lead, Jon Brandt chat with Larry Wlosinski, Senior Consultant at Coalfire Federal about his recently release article, Cyberthreat intelligence as a Proactive Extension to Incident Response.

How Innovative Enterprises Win With Secure Machine Learning

How Innovative Enterprises Win With Secure Machine Learning

November 30, 2021

Enterprises use machine learning to validate who they are doing business with and to find new opportunities. ISACA's IT Professional Practices Lead Kevin Keh discusses secure machine learning with Protegrity's Chief Security Strategist Ulf Mattsson. Ulf explains Trusted Execution Environment (TEE), synthetic data, and encryption keys. All these technologies can be sometimes misunderstood, but they are changing the digital landscape, so listen in now!

 

Link: https://www.isaca.org/resources/isaca-journal/issues/2021/volume-6/how-innovative-enterprises-win-with-secure-machine-learning

HCL State of Cybersecurity 2021

HCL State of Cybersecurity 2021

November 22, 2021

Jon Brandt (Information Security Professional Practices Lead at ISACA) and Renju Varghese (Fellow and Chief Architect at HCL Technologies) break down the State Of Cybersecurity 2021 —Part II report. Threat actors did not take advantage of clients more during the pandemic, but there have been higher instances of attacks or attempts of attacks during the past 18 months. This has brought attention to organization’s boards and executives to show Cybersecurity in a more serious light than it was pre-pandemic. Tune in now to hear what Renju says you can expect in 2022!

 

ISACA's State of Cybersecurity 2021 – Part II report:

https://www.isaca.org/why-isaca/about-us/newsroom/press-releases/2021/new-isaca-study-finds-cybersecurity-workforce-minimally-impacted-by-pandemic-but-still-grappling

ISACA’s New CyberPro – Jon Brandt

ISACA’s New CyberPro – Jon Brandt

November 18, 2021

Listen in as ISACA’s Information Security Professional Practices Lead, Jon Brandt grabs the podcast microphone and takes over November’s Cyber Pros to discuss CISA’s Directive Breakdown.   

Podbean App

Play this podcast on Podbean App