ISACA recently conducted a smart cities research survey in which it asked approximately 2,000 security and risk professionals questions focused on smart cities and their management, risks, and future technology initiatives. As a recovering city CISO, I can tell you that many of the survey questions were typical ones asked about smart cities. One question that caught my eye regarded what technologies were believed to be essential for the “security/resilience preparedness” of smart municipalities.
There are lies, darned lies, and then there are GDPR poll statistics. So, when ISACA recently approached me to help analyze a new poll on GDPR readiness, I was initially apprehensive.
After all, how many organizations are really expecting to be fully compliant with the new EU regulation on data protection by today’s deadline? Previous poll results from other sources have ranged as high as 90% and as low as 10%.
The significant variation in results might reflect the way that the questions are framed by different surveys, and moreover, whether the respondent believed that the results really were going to stay anonymous. When non-compliance with the regulation can result in fines of up to €20 million or 4% of global turnover (whichever is greater), very few organizations will openly admit that their compliance process expects to break the law and run some of their data illegally for a while.
3D printing is fast becoming a disruptive technology in production and manufacturing. It grew to be a $5.1‐billion‐dollar industry by 2015 with an average growth rate of about 30%, and 5.8 million 3D printers are expected to be shipped annually by 2019.
As noted in the recently issued ISACA Tech Brief: 3D Printing, 3D printers enable the manufacturing of certain items more economically than standard manufacturing processes. These machines receive an electronic file as input with details of a product design. They are supplied with a raw material, usually plastic-based, which enables them to print a 3-dimensional form [JS1] of the product. This feature can have profound effects on producing goods within many industries since it replaces the movement of goods with the movement of information, a concept that is growing in popularity within digital supply chains. Instead of transporting the physical product to the point of use, only information about the product needs to be moved to that location, where the product is then locally created.
I recently began taking my first crack at auditing an Amazon cloud platform that comprises over a dozen managed services. While I was excited to add this new wrinkle to my skill set, I had no idea where to get started on identifying key risks applicable to each service or how to approach the engagement. Searching online eventually led me to the AWS training and certification website. My intuition initially suggested to me that Amazon was not very likely to help me audit their services, or even if they did, there probably would not be much free information available that I could leverage to obtain sufficient understanding of the service architecture or operation. Well, I was dead wrong!
A few days ago, in between catching flights and dozing off in an airport terminal, I read an article about the recently published findings from the 2017 Global Information Security Workforce Study.
There were a few obvious conclusions that I expected to come out of this report, such as the ever-widening cybersecurity talent gap (hence the title), but there was one item in particular I found to be quite intriguing. In the third paragraph of the introduction, the GISWS asserts, “This year’s Study reveals we are on pace to reach a cybersecurity workforce gap of 1.8 million by 2022, a 20% increase over the forecast made in the 2015.”
This blog is intended to offer a way for ISACA leaders, constituents and staff to exchange information of interest pertinent to the association, the business environment and/or the profession.
The comments on this site are the author’s own and do not necessarily represent ISACA’s opinions or plans. ISACA does not endorse, monitor or control any links to external sites offered in this blog, and makes no warranty or statement regarding the content on those external sites.
Anyone posting comments on this site should ensure that the content remains on-topic and steers well clear of any statements that could be considered insensitive, offensive or threatening. Given ISACA’s global nature, the need to communicate in a way that is accessible and acceptable to many cultures should be taken into account. ISACA retains the right, at its sole discretion, to refuse content that is considered inappropriate.
To volunteer to write a blog or suggest a topic send an email here.