journal header

Volume 1, 2017

This Week's Online-Exclusive Feature

What Every CISO Must Know About SSH Keys
22 February 2017
Tatu Ylonen

Secure Shell (SSH), also known as Secure Socket Shell, is a cryptographic network protocol for operating network services securely over an unsecured network. SSH keys resemble passwords in that they permit privileged access to systems at the operating system level for users or other applications. SSH keys are used for automation, backups, data copying, application integration, automation and systems management. Mismanagement of these keys represents a significant security risk of which chief information security officers (CISOs) must be aware so they can be prepared to take action to prevent misuse and data losses. Read More >>

Indicates Online-Exclusive Content

 

 


Podcast  New!
ISACA Journal Volume 1 Podcast

The Automation Conundrum

This Week's Featured Blog

A Framework to Evaluate PAM Implementation
21 February 2017
Richard Hoesl, CISSP, SCF, Martin Metz, CISA, Joachim Dold, Stefan Hartung

A study in 2016 found that 80% of the more than 500 chief information security officers (CISOs) surveyed consider privileged access management (PAM) a significant topic, and a number of them have already implemented specific PAM solutions. In general, these solutions try to attain the following goal(s):

  • Keeping the number of privileged access channels low
  • Authorizing, activating and deactivating the usage of privileged access channels
  • Detecting, evaluating, recording and terminating the usage of privileged access channels
Read More >>

Indicates Online-Exclusive Content

 

 


What's New for Nonmembers

IS Audit Basics Articles

Preparing for Auditing New Risk, Part 2

Preparing for Auditing New Risk, Part 1

The Soft Skills Challenge, Part 6

The Soft Skills Challenge, Part 5

The Soft Skills Challenge, Part 4

Elements of an IS/IT Audit Strategy, Part 2

 

Full Journal Issues

Volume 1, 2016 Transforming the Auditor

Volume 6, 2015 The Internet of Things

Volume 5, 2015 Cybersecurity

Volume 4, 2015 Regulations & Compliance

Volume 3, 2015 Governance and Management of Enterprise IT (GEIT)

Volume 2, 2015 Opportunities and Challenges of New Technology