Share knowledge about cybersecurity with other ISACA members, and identify and discuss issues that need more guidance from ISACA. Collaborate, make connections and learn how to keep your organization safe from cyber risks.

This Topic Has:
2013 Members
2 Online
15303 Visits

 Recent Discussions

Cybersecurity Fundamentals Workshop. Posted by Yolanda Baker.
COBIT-5’s DSS05.02 activities are essential fo... Posted by M.Lambert.
Internet of Things (IoT). Posted by Melody.

Discussions: 58 total

Yolanda Baker | 12/1/2014 7:11:24 AM | COMMENTS(11)
DSS05.02 Manage network and connectivity security (activity # 8- penetration testing) is not an option! Talking about cybersecurity, NSA director Admiral Michael Rogers indicated: «it is only a matter of the "when," not the "if" that we are going to se...
M.Lambert | 11/30/2014 9:17:29 PM | COMMENTS(4)
I would like to start a long-term discussion on the Internet of Things (IoT). This is coming faster than we imagine and a day when everyone is wearing a Google Glass-like device or Samsung Galaxy Gear is around the corner. I would like this to be an ...
Melody | 11/12/2014 3:08:19 AM | COMMENTS(55)
ENISA has listed all the documents of National Cyber Security Strategies in the EU but also in the world. This information is based on publicly available material. Some of these documents are still under consultation so no official translations in Englis...
yves_le_roux | 10/31/2014 2:16:20 AM | COMMENTS(4)
Has anyone evaluated their cyber security posture or planned their strategy using ISACA's "Implementing the NIST CyberSecurity Framework" guide and toolkit? I'm interested in hearing how effective it has been in your environment and any lessons learned.
LJB | 10/28/2014 2:57:47 PM | COMMENTS(0)
Hi all, Just some knowledge sharing.... Please kindly be aware that a serious vulnerability has been discovered and published online. SSL3.0 is vulnerable to disclosure of plain-text over network sniffing. Please refer to the link below for mor...
Chris Sivaprakash Kumanan | 10/23/2014 1:54:18 AM | COMMENTS(2)

Documents & Publications: 56 total

Mapping IBM Security Solutions to NIST Cybersecurity Framework
Posted by JasonY 41 days ago
Posted by ISACA 44 days ago
An organization will only survive if it can continue operations after disastrous events. Continuity planning is critical to keeping your organization working in the event of a medium to large scale disaster. Planning helps to ensure that your customers/clients will still have access to the functions, information, and resources you provide them. The presentation covers what can be done to ensure survival and recovery after these types of events. Topics include continuity planning components, the processes, as well as testing and exercising the plan(s). The course is intended for continuity planners, IT security managers and professionals, contractors, and anyone interested in continuity planning.
Posted by Larry Wlosinski 50 days ago
Gartner Report for CISOs about securing IoT.
Posted by Melody 52 days ago

Events & Online Learning: 4 total

Journal Articles: 56 total

Volume 6, 2014
by Steven J. Ross, CISA, CISSP, MBCP
Cyberattacks are a known threat to the information systems of organizations around the world.
Volume 6, 2014
by Eric A. Beck
Corporate risk managers and security professionals understand that risk is not a problem that can be solved, but rather a process that must be managed.
Volume 6, 2014
by Ivan Alcoforado, CISSP, PMP
As more and more organizations start reporting cybersecurity risk and incidents, security professionals, internal auditors and IT auditors need to pay as much attention to IACS controls as they do to controls for traditional IT.
Volume 6, 2014
by Richard A. Spinello | Reviewed by Maria Patricia Prandini, CISA, CRISC
Every IT professional should be aware of the challenges posed by cyberethics, and this book represents an opportunity to do so.
Volume 6, 2014
by Flint Brenton
While there is no one-size-fits-all solution to securing every network, the following seven mistakes of current SIEM systems must be solved to effectively secure data in the modern enterprise.
Volume 5, 2014
by Steven J. Ross, CISA, CISSP, MBCP
“CERT,” in the context of information security, is a term with a long and noble pedigree.

Wikis: 2 total

Blog Posts: 15 total

Rob Stroud is the New York based Vice President of Strategy and Innovation at CA Technologies and is the current President for the 2014-15 administrative term. I caught up with Rob in Australia when he visited Canberra in June 2014 and again about a wee...
Posted By : Rob Hanson | 2 comments
Agile technique in software development has been around for quite some time. There have been efforts to adopt the agile techniques for strategic planning, alignment and execution. Following are some of the relevant articles/blog posts in this area. The to...
Posted By : SA | 0 comments
Having been associated with the BS 7799 from its introduction as a Security Standard, and as a Contributor to the ISO 27001, and the last and final Chair of the ISO 27001 at the Department of Trade and Industry (DTI) I have been a long term supporter, and...
Posted By : John379 | 0 comments
and Become More Secure As a penetration tester I find it TOO EASY to fully compromise an internal network – without finding a single “vulnerability”! I spend most of my time on two types of engagements — PCI projects and penetration tests. The pen test...
Posted By : Stewart141 | 0 comments
13 Nov 2014
Posted By : masarker | 4 comments
Slowly our organizations have started using the web as a service delivery platform. Various studies reveal the web as the most economical platform and branches / offices being the most expensive platform for the delivery of service to customers. Further w...
Posted By : Parthasarathy | 0 comments