
596.7K
Downloads
318
Episodes
The ISACA Podcast gives you insight into the latest regulations, trends and threats experienced by information systems auditors and governance and security professionals. Whether you are beginning your career or have decades of experience, the ISACA Podcast can help you be better equipped to address industry challenges and embrace opportunities.
The ISACA Podcast gives you insight into the latest regulations, trends and threats experienced by information systems auditors and governance and security professionals. Whether you are beginning your career or have decades of experience, the ISACA Podcast can help you be better equipped to address industry challenges and embrace opportunities.
Episodes

May 2, 2023
May 2, 2023
16 min
Conducting adequate preparation including risk assessments, assessing resource requirements and ensuring ongoing communication to harness both the benefits and to address the potential challenges faced when conducting hybrid or fully virtual audits.

Apr 27, 2023
Apr 27, 2023
33 min
This podcast is a practical discussion with two IT Internal Auditors, Frans Geldenhuys and Gustav Silvo, that have automated IT General Controls across their highly diversified and decentralized group. They will share some of the pitfalls they have experienced in their automation roll out and advise on how to avoid or manage these pitfalls with host, Robin Lyons.
Check out Frans and Gustav’s full ISACA Industry News article, “Seven Things to Know Before Automating IT General Control Audits,” http://www.isaca.org/automating-it-general-control-audits
For more ISACA Podcasts, https://www.isaca.org/podcasts

Apr 20, 2023
Apr 20, 2023
29 min
Organizational culture is crucial because it shapes behaviors and attitudes in the workplace, which can profoundly impact operations and overall success. However, it is sometimes difficult for CISOs and other infosec managers to fully understand their culture because they are inside it constantly.
In this ISACA Podcast episode, author and journalist Mark Tarallo chats with ISACA's Safia Kazi about how infosec managers can assess the organizational culture by using a culture model to examine the behaviors, relationships, attitudes, values, and environment that the culture sustains. It also discusses possible ways to lead a culture change initiative.
To read Mark's full ISACA Journal article, "Understanding, Assessing, Aligning and Transforming Organizational Culture," click the link https://www.isaca.org/organizational-culture
For more ISACA Podcasts: https://www.isaca.org/podcasts

Apr 18, 2023
Apr 18, 2023
33 min
What are the primary risks associated with the adoption of emerging technologies, particularly during periods of high market volatility and changing governance requirements? We talk with Samuel Zaruba Smith, PhD(c) about his learnings from working in government regulated industries and emerging technology. We deep dive into the problems of business strategy, security, policy, social engineering ethics, and audits within a business environment of emerging technology systems such as Artificial Intelligence and Web3 decentralized technologies. Given the current business landscape of early 2023, changing market conditions and rapidly evolving governance concerns need to be top of the mind for all organizational leaders. Samuel provides insightful recommendations for improving your organizational structure and technology governance to create a more productive, inclusive, and ethical workplace.

Apr 11, 2023
Industry Spotlight - Julia Kanouse
Apr 11, 2023
Apr 11, 2023
21 min
Get to know Chief Membership and Marketing Officer Julia Kanouse as she sits down with childhood best friend and ISACA VP Amanda Raible. The duo discuss everything from leadership to motherhood while competing in Mario Kart! Tune in!

Apr 4, 2023
Apr 4, 2023
28 min
There are literally thousands of VPN services on the market. Some are undeniably benign, but others offer a slate of features that are friendly to cyber criminals. Keeping your network safe from hackers requires you to understand the VPN market, and make decisions based on your company’s appetite for risk. Fortunately, by analyzing IP address data associated with these devices, security professionals can get access to a wealth of VPN contextual data that helps them distinguish between perfectly legitimate providers and those that turn a blind eye toward crime. In today’s world, it is vital for security professionals to know how to leverage IP address data and its contextual insights to protect enterprise networks.

Mar 21, 2023
Mar 21, 2023
25 min
Today, the pace of change across industries is quicker than ever before. Economic, political, and social unrest and a global climate crisis have placed unprecedented disruption and pressures on organizations looking to navigate a rapidly changing environment.
Firms are being out-innovated and entire industries are being disrupted in a matter of months or years, as opposed to decades. Shifting regulations, data as an asset, dynamic customer behavior and employee expectations of continued flexibility in a more virtual workplace add to the challenge.
Technology risk and compliance needs to adjust to this new reality. The strategy and value of an organization’s technology risk management are becoming essential to build and secure stakeholder trust. That means moving closer to the point where the risk events occur and using preventative, detective, and automated controls as much as possible.
In this podcast, Beth McKenney, a Principal in the KPMG Technology Risk service network, offers a game plan for companies to meet these today’s challenges with an eye on building stakeholder trust. That means having a proactive, rather than a reactive, approach to risk management.

Mar 14, 2023
Mar 14, 2023
21 min
In a world where adversaries are constantly adapting to improve tactics, techniques, and procedures (TTPs), it is crucial to understand the unique traits and goals of various types of adversaries that actively seek to cause harm to an organization. The personification of these threats will ultimately help measure resilience against specific threat actors, identify investment and hardening opportunities, and improve trust with customers.
In this podcast, Daniel Ventura, Manager of Product Security Incident Response Team (PSIRT), shares insight into Adobe’s approach to adversary personification as well as provides guidance on how you can better measure the security resilience of your products. He’ll also talk about Adobe’s bug bounty program which helps his team identify new trends in adversary interest and defend against real incident response events.

Mar 7, 2023
Risky Business – Jon Brandt
Mar 7, 2023
Mar 7, 2023
49 min
For the average person, life moves quickly. But for business leaders and anyone involved in any aspect of IT, the pace at which technology is changing is overwhelming. Technology can help businesses and individuals do more with less and increase profit margins. However, technological advances carry tremendous risk and increase the criticality of risk management. No longer can business and personal use of technology be viewed in siloes. ISACAs Director of Professional Practices and Innovation, Jon Brandt, is joined by Ryan Cloutier as they discuss some of the latest headlines and impact to intellectual property.

Mar 2, 2023
Building Digital Trust Through Advocacy
Mar 2, 2023
Mar 2, 2023
28 min
If you thought ISACA was only about certification and education, get ready to listen to this podcast and see how ISACA advocates for the IT Audit and Risk Management professions! Join Cindy Baxter, author of the Audit in Practice column in the ISACA Journal, as she interviews two members of the ISACA New England Board of Directors who attended ISACA’s Hill Day in Washington DC. Hear how they met with their government representatives and with ISACA’s help, discussed legislation that supports our profession! It’s an opportunity to think about the impacts you can have in your own back yard and with civic leaders!
