ISACA Podcast

One of Ed McCabe's first childhood memories was taking apart his grandparent's heirloom grandfather clock to find out why it wasn't working. His grandparents were not happy to find it in pieces, but he did get it working again and says that experience was the beginning of a life-long interest in IT, beginning his quest to always ask "why, how and what is technology supposed to do and what is it not, supposed to do?". ISACA's Angie Coleman talks to Ed about his career in the US Navy, private sector and founding his own company The Rubicon Advisory Group. Ed discusses how his organization has supported clients through the most challenging moments during the pandemic, how he learned to find balance for his life while sustaining his passion for education and technology, and what his advice is to ISACA members when preparing for a certification test.

For more information on Ed, visit: www.therubiconadvisorygroup.com

To listen to more ISACA Podcasts, visit: www.isaca.org/podcasts

Be sure to like, comment, and subscribe for more ISACA Productions content!

"The thing that you plan for is not the thing that is going to happen" says Risk Masters' Executive Principal Steven Ross. Steven talks to ISACA's Safia Kazi about how to prepare for a cybersecurity Event and how to recover. Steven discusses the types of attacks to watch out for, Business Continuity Planning and how to recover from a cybersecurity event. Listen in as Steven shares some ways you can use your imagination to prepare for "the thing that is going to happen".

To read Steven's full article, visit: https://www.isaca.org/resources/isaca-journal/issues/2022/volume-3/cyber-business-recovery

To listen to more ISACA Podcasts, visit: https://www.isaca.org/podcasts

Everyone starts somewhere and for Niki Gomes, it was at the front desk of a hotel where she worked her way up to hospitality management, before pivoting to accounting and finally to the American Red Cross, where she is currently Senior Internal Auditor. Niki tells ISACA's Melissa Swartz about her passion for people, technology and how the pandemic changed her work life to better connect with her family.

Dive deep into this Industry Spotlight episode as Niki discusses why young Black and Latina women are under-represented in the industry and her plan to remedy that divide, mentoring and what her advice is for the next generation. Tune in now to hear all of Niki's inspiring story!

For more information, check out out https://www.redcross.org/

Be sure to like, comment, and subscribe for more ISACA Production content.

Paul Philips and Lisa Young will discuss how risk scenarios help decision-makers understand how certain events can impact organizational strategy and objectives. Good risk scenario building is a skill and can take some time to truly master. Paul and Lisa will provide actionable advice on building the best possible scenarios to help your organization better manage risk.

For more information check out https://www.isaca.org/resources/it-risk

Data now includes, consumer's social media, news, view and even browser searches. From 2010-2020, the amount of data created, captured, and copied in the world increased from 1.2 trillion GB to 59 trillion GB and the amount created in the next 5 years is projected to double. With that massive amount of data being collected, there is a growing sense of distrust with consumers when it comes to privacy. 

RGP's Janis Parthun and Lynn Rohland join ISACA's Safia Kazi for a discussion about data privacy. Janis and Lynn discuss trends from their clients, challenges that AI is introducing and the effect that the pandemic has had on the industry.

Visit ISACA.org/podcasts for more ISACA Podcasts!

Be sure to like, comment, and subscribe for more ISACA content!

"Cybersecurity is only as good as an organization's weakest link" - Ali Pabrai

Join ISACA's Senior Manager, CMMI Professional Practice, Kileen Harrison as she talks with ecfirst's Chief Executive Officer, Ali Pabrai about his recently released articles, “What Cyberprofessionals Should Know About CUI”, and “US DoD Launches Comprehensive CMMC 2.0 Cybersecurity Framework”. Ali explains the three levels of CCMC 2.0 and goes further in depth on CUI classification.

By the end of this episode, you'll have all the CMMC and CUI "Rocket Fuel" that you need to understand this latest certification.

To read Ali's full articles - https://www.isaca.org/resources/news-and-trends/newsletters/atisaca/2022/volume-8/what-cyberprofessionals-should-know-about-cui

https://www.isaca.org/resources/news-and-trends/industry-news/2022/us-dod-launches-comprehensive-cmmc-2-cybersecurity-framework

Be sure to like, comment, and subscribe for more ISACA content.

Cyber continues to influence not just business but global conflict too.

In this episode, ISACA’s CyberPro, Jon Brandt chats with Founder and CEO of Anchor Systems, Fred Carr about the current threat landscape, challenges, and misalignment between public and private sectors, and impacts on national and global security. They also dive into the role non-combatants now play on the battlefield and talk about recent US efforts to thwart ransomware.

For more information, check out - https://www.isaca.org/training-and-events/cybersecurity

Be sure to like, comment, and subscribe for more ISACA Production content.

People are considered the weakest link in any organization’s cybersecurity defenses. Hence, in most cases, the primary targets of cyber-attackers are the employees of the organization. In addition, people are easier to compromise and exploit unlike finding a single software to breach an organization or enterprise business. While a lot of efforts go into improving the existing security infrastructure, ignorance of human resources would leave a significant gap in the defense strategy.

Join ISACA’s Research Advisor, Brian Fletcher, as he is joined by Dr. Yasmin Razack, author of “A Security Awareness Program for PCI DSS Compliance: Implementation and Legal and Ethical Issues to Be Considered”. In this episode, they will be addressing the challenges in implementing a security awareness program to fill this gap and the legal/ethical issues that needs to be considered during implementation. As per the Payment Card Industry – Data Security Standard (PCI-DSS) requirement 12.6, a Security Awareness Program is mandatory to be held at least once a year and for new hires. However, it is not an easy task and cannot be a one-time activity. But if implemented effectively, awareness programs can be the human firewall of the organization. It will make the organization compliant to regulations like PCI-DSS thereby protecting it from fines due to non-compliance, defamation, costs of data breaches and will help improve customer trust and loyalty.

To read Dr. Razack’s full article click here - www.isaca.org/pci-dss-compliance

Be sure to like, comment, and subscribe for more ISACA Production content!

Making a difference within the cyber industry is of paramount importance to Jo Stewart-Rattray. She is incredibly passionate about encouraging, teaching, and mentoring more women into tech and security fields. In this episode of Industry Spotlight, Robyn Franko, Manager of Event Operations and Services at ISACA, chats with Jo about her background and career path, hobbies, and some interesting challenges the industry faces.

Jo has over 25 years of experience in the IT field, some of which were spent as CIO in the Utilities and as Group CIO in the Tourism space, and with significant experience in the Information Security arena, including as CISO in the healthcare sector. She underpins her information technology and security background with her qualifications in education and management. She specializes in consulting in risk and technology issues with a particular emphasis on governance and security in both the commercial and operational areas of businesses. Jo provides strategic advice to organizations across a number of industry sectors, including banking and finance, utilities, manufacturing, tertiary education, retail, healthcare, and government. 

She has chaired several of ISACA’s international committees, including the Board Audit & Risk Committee, Leadership Development, and Professional Influence & Advocacy.  She served as an Elected Director on ISACA’s International Board of Directors for seven years and was the founder of its global women’s leadership initiative, SheLeadsTech. Because of her involvement with ISACA and the SheLeadsTech program and her rural background Jo was selected from a large number of candidates to be one of only two non-government delegates and was invited to join the official Australian Government delegation to the 62^nd Session of the United Nations Commission on the Status of Women (CSW62) held in New York in March 2018.  She returned to the UN in 2019 and again spoke at two UN events this year. She has spoken on Capitol Hill during a Day of Advocacy designed to bring tech leaders together in one place to discuss issues related to women in technology and then to meet with congressional representatives and Senator’s offices.

It's hard to believe the quarter century mark has almost arrived!  Have you thought about what you would like your work world to be in 2025?  Have you dreamed of more flexibility or better access to information so you can get work done faster? ISACA’s IT Professional Practices Lead, Kevin Keh, sits down with Cindy Baxter, Director of What's the Risk, LLC to talk about her recently released article “The Transformative Power of Mobility”. Cindy spoke with three professionals from three different industries and asked them how the promise of mobility could change their work lives.  Hear about the work her interviewees do and the aspirations they have for themselves and their professions.  Can IS risk and audit professionals make their mobility dreams come true?  Tune in to the conversation and see what you think!

To Read Cindy’s full ISACA Journal Article click here - www.isaca.org/power-of-mobility

Please like, comment, and subscribe to the ISACA Media channels to keep up to date with all of ISACA’s new content.