ISACA Podcast

Digital transformation has heightened due to the pandemic. We went from, “we can’t work from home” to “we can only work from home moving forward”. Because of this change, our cyber risk increases and organizations need to take new action when it comes to risk. Join ISACA’s Risk IT Risk Professional Practices Lead, Paul Philips as he talks with Dr. Jack Freund—Head of Cyber Risk Methodology at VisibleRisk—about how to effectively communicate Cyber Risk to a Board of Directors. Organizations need to understand the financial ramifications of all aspects of cyber risk. Along with risk quantification, organizations need to work with and inform the BOD about the risk appetite for certain projects, how much risk tolerance the organization can afford to deal with and more.

What is security as a service and when is it needed?  Tune in as ISACA’s Cyber Pros explain how the increase in hacks and attacks are forcing companies to take cyber security more seriously. The bad news is, there is a lack of cyber security professionals in the field and those who do have the necessary skillset to manage a company’s security are becoming more and more costly. Academia is trying to help get the security workforce up to speed quickly, but they are failing. Until we see an influx of new and skilled cyber security professionals, security as a service is an option that can save your company both time and money and help assure that your company’s data and information is safe and secure.

For more information, check out ISACA’s State of Cybersecurity 2021.

Everyone needs a resilient operating model, and the pandemic has been the reality check showing how necessary it is to have a plan. Was your small-business or corporation prepared for the shift to remote work in early 2020? If not, you probably realized that business continuity is more than having the right systems and applications in place. The most important factor is people!  Although both large and small enterprises have accommodated and adapted, the smaller organizations with fewer resources and time have faced equal or greater hurdles when it comes to this type of planning.  

Join ISACA’s IT Professional Practices Lead, Kevin Keh, as he interviews Cindy Baxter, Director, What’s the Risk, LLC and discusses the importance of having a business continuity and resilience plan for your business. Cindy discusses consistently updating your crisis team and notification systems, the importance of allowing an auditor to fully understand your business, accepting critical feedback throughout the entire audit process vs. waiting for the final report and more! Cindy also mentions how small business owners and employees shouldn’t get defensive or take the findings personally. Remember, the value comes not in the result, but in the adoption of the results and recommendations.

For more information on this topic, click here to download ISACA’s IT Business Continuity/Disaster Recover Audit Program.

Organizations are increasingly concerned about data security in several scenarios, including collecting and retaining sensitive personal information; processing personal information in external cloud environments, and information sharing. Commonly implemented solutions do not provide strong protection from data theft and privacy disclosures.

Privacy and risk management professionals are particularly concerned about the privacy and security of data analytics that are shared externally. Compliance of privacy regulations such as the US State of California Consumer Privacy Act (CCPA), the EU General Data Protection Regulation (GDPR) and other emerging regulations around the world require techniques for secure processing of sensitive data.

Listen in as ISACA’s Safia Kazi interviews Chief Security Strategist and data protection expert, Ulf Mattsson on the latest on privacy-preserving techniques.

Why should you listen to ISACA’s CyberPros?  Find out as Dustin Brewer and Frank Downs explain how they got started in the cybersecurity field and grew their knowledge and experience to become the cyber professionals they are today. Dustin and Frank discuss their traditional and non-traditional paths to learning, their experience working in the US government and the importance of earning a certification and continuing your education. Want to know how to get started in Cybersecurity? Start here by listening to this podcast.

ESET has released its T1 2021 Threat Report, summarizing key statistics from ESET detection systems and highlighting notable examples of ESET’s cybersecurity research. The featured theme of the report recounts ESET’s analysis of a vulnerability chain that allows an attacker to take over any reachable Exchange server. The attack has become a global crisis, and this research identifies more than 10 different threat actors or groups that likely leveraged this vulnerability chain.  

Join ISACA’s Information Security Professional Practices Lead, Jon Brandt, and ESET’s Chief Security Evangelist, Tony Anscombe, as they examine the findings of the ESET TI 2021 Threat Report. Dive deep into areas such as the rapid growth of “infostealers,” including the data they collect and how it is monetized; the increasing number of cryptocurrency threats; and recent vulnerabilities and potential exploitation of exchange servers and the resulting impact on organizations.

Every day, the risk of cyber and ransomware attacks regularly increases in frequency and danger. But despite the proof in numbers, many organizations still don’t recognize the need to fortify their fortress and improve the strength of their Cybersecurity practices. This is because the leadership of many organizations don’t understand cybersecurity or even want to understand it. That is —until it is too late.

In this episode, ISACA’s Cyber Pros, Dustin Brewer and Frank Downs explain the importance of cybersecurity and provide real world examples of why it pays to be proactive, not reactive when it comes to your company’s security. In the end, it will not only save your company a ton of time and money, but may even save your company!  

Interested in learning more on this topic Check out ISACA’s State of Cybersecurity 2021 report at https://www.isaca.org/go/state-of-cybersecurity-2021 .