ISACA Now Blog




Implementing the NIST Cybersecurity Framework using COBIT

Mark Thomas, CGEIT, CRISC, President, Escoute LLC
Posted: 7/25/2016 3:00:00 PM | Category: COBIT-Governance of Enterprise IT

There is no argument that today’s cybersecurity attacks are likely a foreshadowing of more intense and harmful events to come, as seen by the growth of such incidents in the last few years alone. Cyber attackers have both the desire and the means to conduct these offenses, are organized, well supported and use more sophisticated methods. 

Intersect this with the fact that our society has become highly dependent on technology and connectivity through things such as mobile devices, the Internet of Things (IoT) and demands to share information quickly, and the need to protect against cybersecurity attacks is paramount. Couple these scenarios with the ever-increasing threats to critical infrastructure, and the stakes grow exponentially.


Cybersecurity Education—Starting Young and Making It Fun

Posted: 7/22/2016 3:08:00 PM | Category: Security

Above are the developers of the CynjaSpace mobile app, which was created in partnership with ISACA.

To advance cyber education for children and families, CynjaTech and ISACA are partnering to create a new fully guided educational experience that teaches kids and their families about computer science, security and safety.

The collaboration combines ISACA’s industry-leading Cybersecurity Nexus (CSX) curriculum with the successful Cynja comic series inside the CynjaSpace mobile app to offer exciting interactive games and lessons that teach digital survival skills to children.


Effective Third-Party Risk Assessment – A Balancing Process

Brad Keller, Senior Director of Third-Party Practice Lead, Prevalent
Posted: 7/21/2016 4:32:00 PM | Category: Risk Management

The vendor risk assessment is the lynchpin of every effective third-party risk management program. In theory, the essential components of an assessment are easily determined. However, in practice, the ability to effectively understand and assess third-party controls usually conflicts with the resources available to perform the assessments, and is further handicapped by the need to rapidly conclude assessments so contracts can be finalized and projects begun.

All too often this results in assessments that are performed based on resource availability and time rather than an appropriate review of required security controls.


Mobile Payments: Risks Versus Opportunities

Ed Moyle, Director of Emerging Business and Technology, ISACA
Posted: 7/20/2016 3:40:00 PM | Category: Security

Have you heard the story about the foolish farmer’s new horse? The story goes that one day in early spring, a farmer’s horse dies. The farmer needs a horse to pull his plow, so he goes to market to buy a new horse. There he meets a neighbor who says, “I have a promising yearling [adolescent horse] that will be up for sale in a month or two. Why not wait? The yearling will be much stronger and healthier than some old nag you’d buy here.” The farmer agrees. 

A few months go by, and on the way to bring the yearling to market, the neighbor tells the (still horseless) farmer, “I have a foal—born just this season—that will be the strongest and healthiest of all my animals. Much stronger than this yearling if you wait a few more months.” 


Pokémon Go Issues Underline Importance of Technology Pros

Betsie Estes, Research Resource Manager, ISACA
Posted: 7/19/2016 3:26:00 PM | Category: ISACA

It is unlikely there are many people left who have not heard of Pokémon Go. Maybe you are an active player, maybe your stock portfolio includes Nintendo shares, or maybe you have heard the warnings about criminal activity related to the game. For the uninitiated, Pokémon Go is a mobile app that uses a phone’s GPS and camera to create an augmented reality experience in which players traverse the physical world and capture animated creatures.


 About This Blog


This blog is intended to offer a way for ISACA leaders, constituents and staff to exchange information of interest pertinent to the association, the business environment and/or the profession.

The comments on this site are the author’s own and do not necessarily represent ISACA’s opinions or plans. ISACA does not endorse, monitor or control any links to external sites offered in this blog, and makes no warranty or statement regarding the content on those external sites.

Anyone posting comments on this site should ensure that the content remains on-topic and steers well clear of any statements that could be considered insensitive, offensive or threatening. Given ISACA’s global nature, the need to communicate in a way that is accessible and acceptable to many cultures should be taken into account. ISACA retains the right, at its sole discretion, to refuse content that is considered inappropriate.


To volunteer to write a blog or suggest a topic send an email here.