journal header

Volume 1, 2017

This Week's Online-Exclusive Feature

Capability Framework for Privileged Access Management
15 February 2017
Richard Hoesl, CISSP, SCF, Martin Metz, CISA, Joachim Dold and Stefan Hartung

The average total cost of a data breach is about US $4 million, whereas the average cost for a stolen record increased slightly from US $154 in 2015 to US $158 in 2016. Why are these data lost? About 48 percent of all breaches are caused by malicious attacks. Passwords are often the entrance door for attackers: 63 percent of all passwords were either weak, got hijacked or had not been changed from their default value.

Attacks from insiders are another key challenge to consider; these are the most difficult attacks to detect and are often not detected at all. Read More >>

Indicates Online-Exclusive Content

 

 


Podcast  New!
ISACA Journal Volume 1 Podcast

The Automation Conundrum

This Week's Featured Blog

A Framework to Evaluate PAM Implementation
21 February 2017
Richard Hoesl, CISSP, SCF, Martin Metz, CISA, Joachim Dold, Stefan Hartung

A study in 2016 found that 80% of the more than 500 chief information security officers (CISOs) surveyed consider privileged access management (PAM) a significant topic, and a number of them have already implemented specific PAM solutions. In general, these solutions try to attain the following goal(s):

  • Keeping the number of privileged access channels low
  • Authorizing, activating and deactivating the usage of privileged access channels
  • Detecting, evaluating, recording and terminating the usage of privileged access channels
Read More >>

Indicates Online-Exclusive Content

 

 


What's New for Nonmembers

IS Audit Basics Articles

Preparing for Auditing New Risk, Part 2

Preparing for Auditing New Risk, Part 1

The Soft Skills Challenge, Part 6

The Soft Skills Challenge, Part 5

The Soft Skills Challenge, Part 4

Elements of an IS/IT Audit Strategy, Part 2

 

Full Journal Issues

Volume 1, 2016 Transforming the Auditor

Volume 6, 2015 The Internet of Things

Volume 5, 2015 Cybersecurity

Volume 4, 2015 Regulations & Compliance

Volume 3, 2015 Governance and Management of Enterprise IT (GEIT)

Volume 2, 2015 Opportunities and Challenges of New Technology