@ISACA is a biweekly publication available from this page and delivered via email to ISACA members and subscribers. This electronic newsletter feature timely industry and ISACA news, as well as featured and updates relevant our readers.

Tips From Industry Experts

Cruft—It Is Tough By Bruce R. Wilkins, CISA, CRISC, CISM, CGEIT, CISSP In the past, I have written about the backwaters of IT. Obsolete or specialized processors sit on the edge of your state-of-the-art IT architecture and create an area ripe for hacking. Often, these processors are also a blind spot for intrusion detection. This article takes a journey into something called “cruft,” the backwater of your software application. Read More >>

Understanding Vulnerabilities Webinar ISACA News Every day, security teams are overwhelmed with the growing number of vulnerabilities in their environments. What should be prioritized if there are 10,000 critical vulnerabilities present at once, and how do you quickly gain insight into their impact as each of these vulnerabilities arise? Read More >>

Containerization: Scalable, Efficient, Productive ISACA News Hosting service applications on containers makes aligning security and compliance policies more manageable. Automation allows for standardization of security controls. The emergence of containers has enabled companies to grow, scale up, and become more productive and efficient. ISACA and Adobe have partnered to present the “Leveraging Container Technology to Better Achieve Compliance” webinar to... Read More >>

Internal control is a systematic means of providing assurance that enterprise operations provide sufficient protection from internal and external threats. These threats can be malicious or driven by lack of adequate process control. Internal control sets up the necessary structure to prevent or detect issues that arise so they can be mitigated or corrected in a timely manner. Read More >>

Between recently well-publicized breaches and noteworthy regulatory issues such as the General Data Protection Regulation (GDPR), the privacy of user information and personal data is becoming an increasingly important topic. There is no shortage of advice about privacy for the audit, security, risk or governance practitioner, but it can be hard to know where to start. Read More >>

Strong women cyber security leaders and executives are in short supply. Why is it that many women enter technical fields and cyber, but leave before reaching executive levels? What can be done to support the growth of women in cyber? Read More >>