ISACA Podcast

Today's Page to Podcast features ISACA's Kevin Keh and Donald Tse, the Head of Cyber & Technology Risk at Mox Bank and author of "Cybersecurity and the Technology Risk in Virtual Banking", as they dive into the virtual banking scene in fintech. This will compare the differences between a digital-only virtual bank and a brick-and-mortar traditional bank and therefore the underlying challenges and risks they face. As a founding member of Mox Bank, Donald will also share his experience in building digital trust with customers and regulators in this whole new cloud-native bank.

To read Donald's full article, please check out https://www.isaca.org/resources/isaca-journal/issues/2022/volume-1/cybersecurity-and-technology-risk-in-virtual-banking

We would love to hear from you, please leave your comments below. If you enjoyed this episode, please click the like and subscribe buttons for more from ISACA!

Working from alternate work sites using unsecure networks may be here to stay, but there is much to learn from 2020 that can help improve cybersecurity capabilities for remote staff. Listen in with ISACA's Deputy Director of One in Tech, Hollee Mangrum-Willis as she talks with Tom Conkle, CEO of Optic Cyber Solutions, and Kelly Hood, EVP of Optic Cyber Solutions. They will discuss various technical solutions such as using VPNs, enabling MFA, encrypting mobile devices and laptops, and leveraging services such as a CASB, and how, ultimately, training and awareness are the most effective at protecting organizational data.

To read the full article, be sure to check out https://www.isaca.org/resources/news-and-trends/industry-news/2021/lessons-learned-from-a-year-of-remote-work.

We would love to hear from you, please leave your comments below. If you enjoyed this episode, please click the like and subscribe buttons for more from ISACA!

Listen in as ISACA’s Director of Professional Practices & Innovation, Jon Brandt, is joined by Muneeb Imran Shaikh, author of "Pakistan’s Cybersecurity Policy in 2021: A Review". They will dig deeper into the report and discuss the policy changes that Pakistan and other Central Asian countries will see moving forward.

To read the full report, be sure to check out https://www.isaca.org/resources/news-and-trends/newsletters/atisaca/2021/volume-39/pakistan-cybersecurity-policy-in-2021-a-review.

We would love to hear from you, please leave your comments below. If you enjoyed this episode, please click the like and subscribe buttons for more from ISACA!

Both XDR and Zero Trust are useful security concepts, but they are sadly overhyped. Listen in as ISACA's Research Advisor, Brian Fletcher and Trend Micro's Bill Malik look into the realities behind ZDR and Zero Trust, how ransomware works, and how the both XDR and Zero Trust can help organizations minimize their vulnerabilities

Interested in reading Bill's full ISACA Blog? Click the link and download a copy today! https://www.isaca.org/resources/news-and-trends/industry-news/2021/using-zero-trust-and-xdr-to-stop-ransomware.

We would love to hear from you, please leave your comments below. If you enjoyed this episode, please click the like and subscribe buttons for more from ISACA!

Mark Thomas (Founder, Escoute) and Caren Shiozaki (EVP & CIO, TMST, Inc.) join ISACA's Lisa Villanueva for a conversation about Environment, Social, Governance or ESG. Mark and Caren dive deep into why your organization will want to know about ESG. Mark & Caren agree “the ESG Train” has already left the station. Organizations need to jump on board now!  Click play now to learn about ESG!

For more information, don't forget to check out https://www.isaca.org/resources/insights-and-expertise/white-papers#sort=relevancy&layout=card and https://youtube.com/playlist?list=PLHaB3gI5mcQa0zjjXSyC3ZBlKmsct9H4g 

The Sarbanes-Oxley (SOX) Act was passed by the United States Congress in 2002. 20 years later, ISACA's IT Audit Professional Practice Lead, Robin Lyons chats with Cindy Baxter, Director at What’s the Risk, LLC on all things SOX. Cindy goes in-depth on the scandals that caused SOX to be enacted, legislation's effect on corporate behavior, how SOX has affected the audit profession, and what trends she sees in the regulatory landscape in 2022 and beyond!

Interested in reading Cindy’s full ISACA Journal article? Click the link and download a copy today! https://www.isaca.org/resources/isaca-journal/issues/2022/volume-1/the-impact-of-sox-on-the-industry-20-years-ago-and-today

We would love to hear from you, please leave your comments below. If you enjoyed this episode, please click the subscribe button for more from ISACA!

Listen in as Safia Kazi, ISACA's Privacy Professional Practice Advisor, as she speaks with Steve Ross, Executive Principal of Risk Masters International, about his article "Privacy in the Dark (Data)".

Organizations have a lot of “dark data”; information that they have collected, filed and forgotten.  Some of it concerns people, so there is a privacy concern about how that data is secured.  Both enterprising cyberattackers and litigants using eDiscovery tools have incentive to search through this dark data to see what they might make use of.  The potential for misuse calls for greater attention to the security of this data.

For more information, don't forget to check out https://www.isaca.org/resources/isaca-journal/issues/2022/volume-1/privacy-in-the-dark-data

ISACA's CyberPro Jon Brant breaks down industry news stories so far in the new year: Log4j, Cyber Insurance, Augmented Reality/Virtual Reality, Metaverse, Deep Fakes, and even the legal discussion around vehicle car data. Tune in now to hear Jon's hot takes on all this and more. Happy listening!

For more information, don't forget to check out https://www.isaca.org/resources/news-and-trends/isaca-podcast-library.

What are the main risks that most enterprises need to consider when it comes to social media? If you don’t know, you and your organization are in danger of serious reputational risk! Watch as ISACA’s IT Governance Job Practice Lead, Lisa Villanueva discusses the risks of social media with Robert Findlay, Global Head of IT Audit at Glanbia. Social media is one of the easiest platforms to hack and it isn’t just from external threat actors. Oftentimes, the hack is coming from inside the organization from current and recently released employees. And remember, it doesn’t matter who hacks into your social platform, it is your enterprise that gets the blame and negative press. Robert and Lisa also discuss the current state of security on social media platforms and how organizations can benefit by bringing in auditors to show how to control the management of social media and avoid these pitfalls.

Don't forget to check out https://www.isaca.org/resources/isaca... for more information!

Blake Curtis is a global business risk and security engineer for Deloitte Global and a research scientist completing his Ph.D. in cybersecurity and risk management. Today he breaks down frameworks, governance, and governmental controls from the board level to the code level. ISACA's Lisa Villanueva then asks him about years of experience vs. years of exposure as he gives his solution for the industry skills gap. In addition, he gives us some history on ISACA and CISA. Press play now to get into it with Blake!

A note from the author: Blake Curtis

Blake is asking for listeners' assistance in completing his research by taking a quick survey. He is collecting responses from IT auditors; however, we also collect survey responses from IT professionals and cybersecurity practitioners. To learn more please read below.

Your Choice: Anonymity or Engagement 

The participants' responses will remain anonymous. As a result, no one will be able to identify them or their answers. Additionally, no one will know whether they participated in the study unless they received a certificate of completion and decide to share it via social media or other media sources.

However, we strongly encourage each participant to share their certificate on LinkedIn and share the survey with other candidates. Their contributions will inform the scientific body of research and potentially influence equitable hiring decisions in the Governance, Risk, and Compliance (GRC), Cyber, and Audit professions.