Security Trends

The Guidance and Practices Committee seeks your help in identifying today’s top security trends. Join this community to collaborate with others to identify security issues that are relevant and emerging as well as issues that need more ISACA guidance.

 
This Topic Has:
442 Members
0 Online
5481 Visits

 Recent Discussions

Technical Skills No Longer Matter. Posted by Mark E.S. Bernard.
Virtualized Environments. Posted by JasonY1982.
Six years after ISO 27001 was adopted.. Posted by Mark E.S. Bernard.

Community Leader

Mark E.S. Bernard

Discussions: 31 total

"Those of us in information technology must begin to acknowledge that our long-term success will be based on our willingness to accept a new maxim: that technical skills no longer matter." http://www.educause.edu/EDUCAUSE+Review/EDUCAUSEReviewMagazineVol...
Mark E.S. Bernard | 4/8/2013 5:17:13 PM | COMMENTS(4)
I consider virtualization to be a general technology trend with significant security implications.  I've included a good document about virtualized environments. http://www.isaca.org/Knowledge-Center/Research/Documents/VDI_WP.pdf As more and more system...
JasonY1982 | 2/20/2013 7:50:24 AM | COMMENTS(2)
The demand for ISO/IEC 27001 has nearly tripled in six years and the number of countries adopting the Information Security Management System has doubled The demand for ISO/IEC 27001:2005 has nearly tripled in six years and the number of countries adoptin...
Mark E.S. Bernard | 8/17/2012 11:56:53 PM | COMMENTS(1)
Changes are due for the CISM. Since 2006 ISACA has made some cosmetic changes by integrating Security Management and Program Management, which makes sense. It also looks like they changed the title of "Response Management" job practice area to Incident Man...
Mark E.S. Bernard | 8/17/2012 11:51:36 PM | COMMENTS(2)
I've implemented several ISO 27001 - Information Security Management Systems and ROI isn't as difficult to calculate as it might seem. In all cases that I am familiar with, ISMS pays for itself within the first six months. That said, facilitating SROI (Sec...
Mark E.S. Bernard | 8/17/2012 11:47:01 PM | COMMENTS(1)
I would suggest that there are varying magnitudes of innovation: some impact an entire culture or society, some only affect an industry, and some maybe only a business. The basic premise for identifying innovation is change, and usually it's change for the bet...
Mark E.S. Bernard | 8/17/2012 11:45:15 PM | COMMENTS(1)

Documents & Publications: 13 total

Downloads
Advanced persistent threat (APT) has been a term used frequently during security threat discussion; however, confusion exists as to what an APT is and how to manage the risk associated with it.
Posted by ISACA 91 days ago
Books
Posted by ISACA 134 days ago
Books
Posted by ISACA 177 days ago

Events & Online Learning: 1 total

30 Sep 2013
ISACA International Event
Medellín, Colombia
The Latin America CACS/ISRM 2013 Conference in Medellín, Colombia is the premier Latin American conference for audit, risk and information security professionals. Save more than US $100 if you register before 7 August!

Journal Articles: 4 total

Volume 2, 2013
by Steven J. Ross, CISA, CISSP, MBCP
Organizations should never aspire to being standard in any endeavor.
Volume 6, 2012
by S. Srinivasan
Social networks have opened up a new avenue of communication for millions of people around the world.
Volume 6, 2010
by Edited by Ramesh Subramanian, Ph.D. | Reviewed by Carlos Villamizar Rodriguez, CISA, CGEIT, BS 25999 LA, ISO 27001 LA
This book connects privacy and politics, offering a point-in-time review of recent developments in computer security.
Volume 6, 2004
by Julie J.C.H. Ryan, D.Sc., and Corey D. Schou

Wikis: 3 total

Blog Posts: 7 total

On March 1st,  I was invited to speak at the CampIT conference on Enterprise Risk/Security Management at Rosemont Convention Center. Before me there were two speakers. The first presenter spent an hour presenting the story from the trenches of technolog...
Posted By : Umesh391 | 1 comments
17 Aug 2011
Posted By : masarker | 0 comments
APT Defense Strategy   By Kevin J. Murphy, CISSP, CISM, CGEIT September 30, 2010 WHAT IS APT? APT is an acronym for Advance Persistent Threat.  Isn’t that descriptive?  In reality there is a lot behind the APT which might not be that obvious from u...
Posted By : Kevin J. Murphy | 1 comments
In the past, to be available an executive needed only a cell phone to receive calls. With the advance of mobile technology, availability goes far beyond answering calls: it involves access to the Internet, to corporate systems, to i...
Posted By : jpontes | 0 comments
I've written recently on a general purpose IT portal about the new feature offered by Google for its email and web-hosted services and applications. The article is in the Romanian language, so linking to it is useful only if you are using a modern brows...
Posted By : Radu H | 0 comments
There is no shortage of cloud storage providers but the data security story varies widely among them.  How can enterprise customers be assured that their data will remain confidential?  Many cloud storage providers rely on outsourced system administrator...
Posted By : Kevin J. Murphy | 1 comments