ISACA Podcast

What are the main risks that most enterprises need to consider when it comes to social media? If you don’t know, you and your organization are in danger of serious reputational risk! Watch as ISACA’s IT Governance Job Practice Lead, Lisa Villanueva discusses the risks of social media with Robert Findlay, Global Head of IT Audit at Glanbia. Social media is one of the easiest platforms to hack and it isn’t just from external threat actors. Oftentimes, the hack is coming from inside the organization from current and recently released employees. And remember, it doesn’t matter who hacks into your social platform, it is your enterprise that gets the blame and negative press. Robert and Lisa also discuss the current state of security on social media platforms and how organizations can benefit by bringing in auditors to show how to control the management of social media and avoid these pitfalls.

Don't forget to check out https://www.isaca.org/resources/isaca... for more information!

Blake Curtis is a global business risk and security engineer for Deloitte Global and a research scientist completing his Ph.D. in cybersecurity and risk management. Today he breaks down frameworks, governance, and governmental controls from the board level to the code level. ISACA's Lisa Villanueva then asks him about years of experience vs. years of exposure as he gives his solution for the industry skills gap. In addition, he gives us some history on ISACA and CISA. Press play now to get into it with Blake!

A note from the author: Blake Curtis

Blake is asking for listeners' assistance in completing his research by taking a quick survey. He is collecting responses from IT auditors; however, we also collect survey responses from IT professionals and cybersecurity practitioners. To learn more please read below.

Your Choice: Anonymity or Engagement 

The participants' responses will remain anonymous. As a result, no one will be able to identify them or their answers. Additionally, no one will know whether they participated in the study unless they received a certificate of completion and decide to share it via social media or other media sources.

However, we strongly encourage each participant to share their certificate on LinkedIn and share the survey with other candidates. Their contributions will inform the scientific body of research and potentially influence equitable hiring decisions in the Governance, Risk, and Compliance (GRC), Cyber, and Audit professions.

ISACA’s Cyber Pro, Jon Brandt, invites information security guru, Naomi Buckwalter, Director of Information Security and IT to the podcast to discuss hot and heavy topics within Cybersecurity and the IT industry. Listen in as they hash out the current and future trends. 

While our development teams have been busy running full speed ahead using the latest and greatest technology to build amazing products, security teams haven’t always been known to keep the same pace – and we have reached a point of “developer revolt.” Security teams are still too often viewed as producers of “design constraints” by development teams versus “reliable partners” in helping them build better software. The path to changing this is getting security more tightly integrated into the DevOps pipeline – and working to make security even more of everyone’s responsibility. In this podcast Shannon Lietz, Adobe’s VP of Vulnerability Labs, will discuss some of the opportunities for security teams to become trusted partners, providing a roadmap for how DevSecOps needs to evolve to reach necessary maturity, and discuss some of the efforts that can help the broader security industry get better at this essential security muscle.

Join Kevin Keh, IT Professional Practices Lead - Research Development for ISACA, and guest, Ramses Gallego, International Chief Technology Officer for CyberRes in the latest session of our LinkedIn Live series on Emerging Technology as they discuss four of the most prominent forms of ultra-emerging technologies including Quantum Computing, Nanotechnology, Internet of Behavior (IoB) and XR/VR. For each technology, they’ll dive deep into what the technology is, why it’s considered emerging, and ultimately, why it’s something your organization should keep an eye on as it continues to evolve. Happy viewing!

ISACA’s Director, Channel Business Development, Chris DeMale is joined by ServiceNow’s Director of Product Marketing, Karl Klaessig in this follow up interview that takes a deeper look into his presentation during ISACA’s Virtual Summit session, Security Operations Challenges in 2021. The presentation discussed how opportunistic and tenacious cybercriminals can be. Klaessig takes explores how dissecting attackers' behavior and automating responses can better defend your attack surface.

This ISACA TV interview is a discussion about information security concerns (and challenges), evolution, and the future. Topics covered include mobile computing devices, the Internet of Things (IoT), artificial intelligence (AI), cyber threat intelligence (CTI), software tools, and malware. Threats, risk, safeguards, and countermeasures will be reviewed along with some new ideas and approaches. Tune in as ISACA’s Information Security Professional Practices Lead, Jon Brandt chat with Larry Wlosinski, Senior Consultant at Coalfire Federal about his recently release article, Cyberthreat intelligence as a Proactive Extension to Incident Response.

Enterprises use machine learning to validate who they are doing business with and to find new opportunities. ISACA's IT Professional Practices Lead Kevin Keh discusses secure machine learning with Protegrity's Chief Security Strategist Ulf Mattsson. Ulf explains Trusted Execution Environment (TEE), synthetic data, and encryption keys. All these technologies can be sometimes misunderstood, but they are changing the digital landscape, so listen in now!

Link: https://www.isaca.org/resources/isaca-journal/issues/2021/volume-6/how-innovative-enterprises-win-with-secure-machine-learning

Jon Brandt (Information Security Professional Practices Lead at ISACA) and Renju Varghese (Fellow and Chief Architect at HCL Technologies) break down the State Of Cybersecurity 2021 —Part II report. Threat actors did not take advantage of clients more during the pandemic, but there have been higher instances of attacks or attempts of attacks during the past 18 months. This has brought attention to organization’s boards and executives to show Cybersecurity in a more serious light than it was pre-pandemic. Tune in now to hear what Renju says you can expect in 2022!

ISACA's State of Cybersecurity 2021 – Part II report:

https://www.isaca.org/why-isaca/about-us/newsroom/press-releases/2021/new-isaca-study-finds-cybersecurity-workforce-minimally-impacted-by-pandemic-but-still-grappling

Listen in as ISACA’s Information Security Professional Practices Lead, Jon Brandt grabs the podcast microphone and takes over November’s Cyber Pros to discuss CISA’s Directive Breakdown.