Current Issue: Volume 10  20 May 2015

@ISACA is a biweekly publication available from this page and delivered via email to ISACA members and subscribers. This electronic newsletter feature timely industry and ISACA news, as well as featured and updates relevant our readers.

Tips From Industry Experts


Security professionals regularly affirm the importance of strong authentication. I would like to believe that they simply shorten “identification and authentication” to “authentication” for brevity’s sake, but I am not that wishful in my thinking. Read More


Privacy breaches often occur within third-party organizations contracted to perform services for enterprises. Both the contracting organization and the third party share responsibility in the event of a breach... Read More


Congratulations to Knowledge Center topic leader Ian Cooke, CISA, CGEIT, CRISC! Cooke leads 3 topics in the ISACA Knowledge Center: Audit Tools and Techniques, SQL Server and Oracle Database. Read More


ISACA members have until 6 June at 2AM CDT (UTC -5 hours) to vote on the revised bylaws.

Voting can be done electronically. Read More

Jonathan McMahon, CISM, ITILv3 Foundation

Jonathan McMahon describes the Certified Information Security Manager (CISM) certification as having given him credibility in the security field. “The best part of being a CISM is the clear recognition it provides of my value as a business asset—I have been through an independent audit, testing and certification process to demonstrate and substantiate my skills in information security,” he says. Read More

Reviewed by Horst Karin, Ph.D., CISA, CRISC, CISSP, ITIL

Cloud access is now a mobile capability. Is this a nightmare for information security? It depends. Most people know of the security paradox between security and access to data: Data are extremely secure if no one can access them at all. Data are fully insecure if they are available in the public domain.