ISACA Podcast

In this episode, executive principal at Risk Masters International’s Steven Ross discusses why vendors of IT products and services are advertising information security, why businesses are not advertising their security and how to use information security as a component of organizations’ public images with host Safia Kazi.

SaaS is eating the world even more than we think. Companies are dealing with SaaS sprawl: hundreds of apps distributed across different owners that store sensitive data and which are used to orchestrate critical business workflows. Security-minded teams are turning to external compliance frameworks to help protect their customers and data.
 
However, traditional identity governance controls have fallen short of delivering real security outcomes in this digital-first world. They’re missing a critical piece: automation. In this episode, ConductorOne’s CEO and Co-Founder, Alex Bovee joins this episode to discuss why we need to change the way we think about compliance and risk and what a security-led governance program could look like.

Learn more about ConductorOne at https://www.linkedin.com/company/conductorone/ or https://www.conductorone.com/blog/automating-compliance-controls-least-privilege-access/

A review of the events of 2022 shows that 2023 will not be the year of dire new cyber attacks waged by hoodie-wearing cyber criminals or office-bound nation-state APTs. Instead, 2023 will be when multiple regulatory bodies express their mounting frustration with public and private companies' collective inability to reduce the volume and impact of prior cyber attacks.  

Tune into this ISACA Episode as Hyperproof’s Field CISO, Kayne McGladrey, speaks with ISACA’s Jeff Champion on how 2023 will be the year of risk.  

Learn more about Hyperproof at:  

https://twitter.com/Hyperproof 

https://www.linkedin.com/company/hyperproof/ 

https://www.instagram.com/hyperproof/ 

Additional Hyperproof Resources:  

https://hyperproof.io/resource/the-ultimate-guide-to-enterprise-risk-management/ 

https://www.isaca.org/resources/news-and-trends/isaca-now-blog/2022/three-key-predictions-for-2023-the-year-of-risk 

https://hyperproof.io/resource/risk-management-software-buyer-guide/ 

https://hyperproof.io/case-studies/pythian-uses-hyperproof-to-get-time-back-and-improve-its-risk-management-maturity/ 

We live in the age of continuous compromise. This podcast dives into why so many organizations continue to be breached even after spending money on cybersecurity point solutions. Many organizations gravitate towards silver bullet solutions without understanding the threat and impact.

In this ISACA Podcast episode, Chris McGown speaks to Rex Johnson and Hamlet Khodaverdian about why a holistic and collaborative approach is absolutely critical to creating cyber-resilience. 

For more information check out www.isaca.org/improving-cyberresilience-in-an-age-of-continuous-attacks 

A strong audit and assurance function is critical to achieving digital trust in an organization. This conversation spotlights audit's role in digital trust and outlines key priorities. It also shares new ISACA resources for auditors.

For more information, go to https://isaca.org/digital-trust

ISACA's Chris Dimitriadis and the US GAO's Nick Marinos discuss the current state of critical infrastructure security, escalating threats and how to better prepare.

For more information check out www.isaca.org/heightened-threats

Paul Philips and Lisa Young will discuss how risk scenarios help decision-makers understand how certain events can impact organizational strategy and objectives. Good risk scenario building is a skill and can take some time to truly master. Paul and Lisa will provide actionable advice on building the best possible scenarios to help your organization better manage risk

For more information check out https://www.isaca.org/resources/it-risk

Compliance with the world’s ever-increasing list of privacy laws can be a tricky undertaking for any organization, but by taking a few simple steps, you can begin to mature your privacy program from a series of check-box exercises into an intelligent compliance program that can help organizations to build consumer trust and protect brand reputation.

Join this conversation with OneTrust DPO Linda Thielova and ISACA's Paul Phillips to learn how to operationalize privacy compliance within your organization and get practical tips on how to mature your privacy compliance program.

Career coach Caitlin McGaw will share her top tips for young professionals and career changes on how to launch a successful career in IT audit--from acing your first interview and landing your first job to career resources to help your career continue to grow and thrive.

To learn more, check out www.caitlinmcgaw.com 

Learn more at isaca.org/digital-trust