Other Blogs
There are no items in this list.
Knowledge Center > ISACA Now > Categories
5 Ways to Hack Your Leadership Communication

“The art of communication is the language of leadership.” James Humes

Good interpersonal skills are the hallmark of all great leaders. There is no leadership without effective communication. And those who possess the art of delivering thoughts and ideas in meaningful and befitting ways are those who are most successful.

No academic discourse or any business degree can teach you how to become a skillful communicator. It is self-taught and learned by exposing oneself to situations where interpersonal skills are tested the most. Regardless of which leadership style CEOs and managers adopt or have, delivering the right communication is a different matter altogether.

The best communicators are not only those who show the intent to listen to others, but also those who have incredible situational awareness and observation and problem-solving skills. Without being able to critically analyze, process the finer details and evaluate it holistically, leaders will not be able to communicate the “big picture” to their staff, and the business as a result will not grow as it should.

The following are a few ways leaders can uphold effective leadership communication:

Get personal—The positive value of any relationship intensifies the more emotions are involved. While it is important to have disciplined and professional relationships with your staff, it is also essential that leaders communicate with their staff using personalized tones and messages. Cultivating meaningful relationships is thus critical for leaders to communicate effectively.

Be specific—Leaders also need to practice ways of keeping their messages concise and to the point. There is nothing remarkable about making long speeches, if your staff cannot understand and remember half of the things you say. Business leaders are more pressed for time, and it can be very damaging if they do not deliver messages in a summarized and concise manner. The more summarized your messages are, the more clarity your staff will have.

Show empathy—“Leadership today is based on relationships built with trust, hope, love and encouragement,” Billy Cox. It is only natural that those vested with authority will exploit their position to show ego. That, however, is not the mark of a strong leader. A strong leader is one who can show empathy for his or her staff. Empathy contains the human element of compassion and care that can patch up emotional or psychological issues faced by employees in their work routines. Showing empathy means that you value human emotions and doing it enough can be precursor for influencing great motivation levels in your staff.

Demonstrate analytical reasoning—How well you analyze information and events is an important quality for a leader to have. What is more important is getting your employees to think like you and perceive things from your point of you. This does not necessarily mean that they have to agree with you; rather, it is about exercising one’s rational faculties to become better, data-driven staff that can achieve extraordinary results.

Leaders should ask employees to make their research and present their own analysis and solutions to a problem along with a case study, company/department objectives and conclusion. You can then ask a series of questions regarding how the business should quantify the solutions and how it can translate into long term business growth.

This is an important exercise to train your staff to think on their feet, appreciate their rational thinking and arrive at conclusions that can relate to worthwhile business strategies.

Listen and be silent—Listening with an open mind and out of genuine interest is one of the easiest ways to gain trust of your employees. By listening with a sincere heart, your employees feel valued and become encouraged to participate more closely with the activities of the organization. It sparks interest in your staff and allows them to be more at ease with their company culture.

Simon T. Bailey
Author, speaker and Brilliance Enabler
Bailey will be speaking at ISACA’s 2016 North America CACS conference 2-4 May 2016 in Las Vegas, Nevada, USA.

Cybersecurity Snapshot: Cyberthreats, Regulations, Workforce Issues in 2016

The dynamic world of cybersecurity continued its rapid pace of change in 2015, creating new challenges and opportunities for ISACA and our 140,000 global constituents. Of course, 2016 will be no different. ISACA professionals across the globe expect to see an evolving mix of cyberthreats, regulatory issues, and an ongoing shortage of qualified cybersecurity workers needed to address these issues, according to the January 2016 Cybersecurity Snapshot survey.

Nearly 3,000 IT professionals from 121 countries voiced their opinions in the Cybersecurity Snapshot, and the results say much about where cybersecurity is headed in 2016. Respondents said their top cyberthreat concerns for 2016 were social engineering, insider threats and advanced persistent threats (APTs). Fully 84 percent believe there is a medium to high likelihood of a cybersecurity attack disrupting critical infrastructure (e.g., electrical grid, water supply systems) this year. Nearly a third said there will be some increased risk of insider threats (privileged users) vs. last year.

ISACA’s well-trained, knowledgeable professionals do not lack for recommendations on how to best tackle these cyberthreats. Adding two-factor authentication was considered the best response for improving security in the virtualized data center, followed by adding dual-person approvals for certain actions. Other suggested solutions included using a password manager for checking in/out password access to systems, and adding air gaps for different types of workloads (e.g., sensitive or non-sensitive).

Another area where ISACA constituents had consistent opinions involved government regulations and privacy issues. We saw significant activity in these areas in 2015, and I believe we can expect to see more of the same in 2016. A majority (63 percent) of respondents believe governments should not have backdoor access to encrypted information systems. A similar majority think privacy is being compromised by stronger cybersecurity regulations.

From an organizational standpoint, 84 percent favor regulation requiring companies notify customers within 30 days of a data breach discovery. Interestingly, only a third of respondents believe their organization would voluntarily share cyberthreat information if it experienced a breach.

These issues make a strong case for organizations to have certified, well-trained cybersecurity personnel. Finding well-qualified cybersecurity professionals, however, is an ongoing, global issue. Nearly half of global organizations are planning to hire more cybersecurity personnel in 2016, and 94% say they will expect to have a difficult time finding skilled candidates.

Not surprisingly, 81 percent say they would be more likely to hire a cybersecurity job candidate who holds a performance-based certification. That’s where ISACA and Cybersecurity Nexus (CSX) come in.

ISACA launched CSX in 2014 and expanded its certification offerings in 2015 with the introduction of the CSX Practitioner (CSXP) certification. CSXP is a vendor-neutral, performance-based cyber certification—the first of its kind—that focuses on key cybersecurity skills and requires demonstration of skills in a virtual lab environment in the Identify and Protect domains.

CSX has big plans for 2016, kicking off today with the introduction of the Cybersecurity Career Roadmap, which will help cybersecurity professionals identify new opportunities for career advancement. It provides the resources to continuously hone your skills, expand your knowledge, and start (and keep) your career on a trajectory toward achieving your goals.

ISACA is committed to all four of its core focus areas— audit/assurance, governance, risk and cybersecurity—and we will be delivering new resources in all of these areas over the course of the year. There has never been a more challenging or rewarding time to be in our field than right now.

I wish you a happy and successful 2016. It’s going to be an exciting year.

Christos Dimitriadis, Ph.D., CISA, CISM
2015-2016 ISACA International President

Moving from Managers to Mentors in 2016

Managers are obsolete. Mentors are a thing – or should be!

Fortune magazine suggests that companies retire the term ”manager.” It is there in black and white on page 52 of a recent issue, in the Growth Guru article titled, “5 Key Trends to Master in 2016.”

According to Fortune, Zappos CEO Tony Hsieh eliminated all of his company’s managers. The author of the article notes that most people are better supervised by their phones than by bosses (something to ponder) and goes on to say that by morphing managers into coaches and having them spend an hour of individual quality time each week with up to 40 employees, companies will get better overall performance than they will from teams with a manager and eight to 10 employees.

Cool idea. The sticking point: Converting managers into mentors and coaches. That is potentially a tough sell to professionals who have fought hard to become a “manager” and for younger professionals who are striving for that first manager title.

Rewarding Achievement
Management gurus and innovative companies suggest that growth and innovation come from developing leadership at all levels and flattening hierarchies. You reward achievement, in contrast to the traditional career trajectory that rewards advancement. With the advancement model, companies overtly or indirectly push people to aim for roles that may not suit their passion or skills because that is the only way to earn more and be recognized. When you flatten organizations and reward achievement, achievers thrive, as does innovation.

Mentors and coaches are critical in achievement-driven companies because they assist employees in developing the skill sets that allow them to achieve, inspire and lead others. The essential knowledge being transmitted by the mentor is the understanding of the enterprise, culture, protocol, perspective of senior management, strategy vs. tactics, and the synthesis of all those elements, which can take years of work and experience with a company to digest, assimilate and fully understand. Not that mentors are spoon-feeding mentees, but the best of them offer the boiled-down essence of what one needs to know to progress. The information empowers mentees to be more creative, think outside the box and take more (and appropriate) risks. These actions benefit the enterprise and accelerate careers in a positive direction.

Everyone Benefits from Mentoring Process
The exciting thing about mentoring is that it works well in both directions: experienced people mentoring more junior staff and more junior staff offering their expertise (particularly with IT) to senior professionals. The concept of ”reverse mentoring,” pioneered at GE, has been driving knowledge transfer and improved collaboration across companies large and small.

As we start thinking about career and life goals for 2016, put mentoring on your personal development agenda. Have two goals:

  • Find a mentor who will help you further develop your institutional and business savvy.
  • Look for someone junior who you can mentor.

Research has shown that those who receive mentoring build their careers faster and are more satisfied with the direction their career is going. Research also shows that those who mentor others are recognized as leaders and are more positively perceived within their organizations. This is a win-win no matter what kind of company you work for, and you will find yourself ahead of the curve as the mentor/coach leader paradigm (gradually) becomes a dominant business model—which it will.

Resolve to Get Involved in 2016
Finally, you have to know the power of mentoring. Social scientists at Harvard, UC Berkeley, Stanford and other major research universities are finding important links between happiness and gratitude. Mentoring is a dynamic process that engages us in receiving a gift of wisdom from another, for which we feel grateful and happy. When we mentor, we pay it forward and help someone who will benefit from our knowledge. This is a powerful cycle that generates happiness, effectiveness and job satisfaction. If you make only one career resolution in 2016, make it this one: get involved in mentoring.

For more about mentoring—the process, how to find a mentor, how to be a good mentee, how to mentor effectively, and more—join us for ISACA’s webinar on mentoring, 12PM (EST) / 17:00 (UTC), Wednesday, 20 January 2016. Click here for more details.

ISACA CEO Matt Loeb: Reflections on 2015

As 2015 draws to a close, I want to share with you some reflections on what has been a busy and engaging first full year for me as your CEO. I am inspired by what I have observed, the conversations I have had and, most importantly, the warm welcome from the many of you whom I have been fortunate enough to meet.

I have traveled extensively this year to meet with ISACA members, certification holders, volunteers, chapter leaders, and business and government leaders from around the globe. No matter where I was—from the European Parliament and the White House Summit on Cybersecurity, to meetings with government leaders in Africa, India, Israel and elsewhere—one theme was constant: ISACA has growing visibility, influence and impact, and is increasingly being recognized for the role we play as a professional community in supporting and enabling global economic prosperity.

With insights obtained from these meetings, as well as our investment in environmental scanning and market research, the ISACA Board of Directors, under the leadership of International President Christos Dimitriadis, is placing its finishing touches on a refined strategy that will be shared with our chapter leaders at the Global Leadership Summit in April 2016. This strategy will focus on increasing ISACA’s reach, relevance and advocacy to make us a stronger voice for our professions. We will develop new robust products and services for all of our core technical areas—assurance, cybersecurity, risk, governance and more. There will be further investment in extending our global reach by engaging with you locally in more areas of the world than ever before (for example, the first Africa CACS will take place in 2016).

As business enablers, your roles are being shaped by changes in technology. With technology now the lynchpin of innovation and economic value, ISACA professionals have both the opportunity and the responsibility to use your technology-based knowledge and expertise to help transform your organizations. This includes playing a leadership role in keeping your organizations and its people safe from the increasing pressures of cyberattacks. Cybersecurity continues to grow as a matter of global economic security and a public safety issue. To support your efforts, we continue the build-out of ISACA’s Cybersecurity Nexus (CSX), having launched our inaugural CSX conference and our first performance-based CSX Practitioner certification during the second half of 2015.

You are an important part of ISACA’s global community of over 140,000 professionals. As we transition into the new year, I encourage you to leverage both ISACA’s products/services and the power of our community on a local, national and global level to reinforce the value that you deliver to your organization. May 2016 be your most successful year yet!

On behalf of the ISACA Board of Directors and its employees, it has been a privilege to serve you this past year. We all wish you a very happy, healthy, prosperous and safe new year.

Warm regards,
Matt Loeb, CGEIT, CAE

Recruiting For Diversity: How IT Can Welcome New Leaders in 2016

It’s a great year for those with IT skills with the demand booming, but hiring managers are finding themselves up against a wall when it comes to the supply side of the equation – there just isn’t enough talent to go around. Or so it seems. So while those who fit the normal IT profile are likely to be snatched up immediately, there remain plenty of job openings just waiting to be filled. And they can be, but recruiters need to start thinking differently about what an IT professional looks like.

Reconsidering Qualifications
One of the fastest ways to increase the pool of IT talent is to start shifting the emphasis away from requiring four-year college degrees. Instead, IT recruiters should start accepting qualified candidates with IT certificates. So many IT jobs are so specific that the broad knowledge base associated with a bachelor’s degree is unnecessary.

A quality certificate program will give candidates the specific skills they need without the huge time and money investments that come with a four-year degree. From there, companies can identify employees who show potential for further training, including possibly earning a degree, but first recruiters need to open the door to new talent.

Consider Bias
Not only are IT recruiters losing out on talented candidates by focusing on degree qualifications over concrete knowledge—many companies also have walled off their efforts by functioning from a preconceived notion of the IT professional. This image is too often white and male, leaving women and people of color out of the picture.

In many cases, IT companies have built bias into their hiring procedures, largely through networking and old boys’ clubs that readily exclude women and recent immigrants, anyone who isn’t tied to the current startup culture. If a female candidate walks in to interview with a panel of white men, for example, she may immediately feel excluded from the company environment. This can impact the interview quality, as the candidate loses confidence or preemptively accepts that she won’t be hired.

Dedicate Space
Because white men have already colonized so much of the tech industry, sometimes it is not only helpful, but necessary, to dedicate specific space to those historically excluded from the industry. Twitter tried this recently by focusing on bringing women to its Flight conference. This year 29% of attendees were women, compared to only 18% last year.

This success is likely linked to the taskforce of women and minorities in the IT field that Twitter created, a group that networked with Girls Who Code and TechWomen to start shifting the participation and employment demographics in IT. More companies should consider creating teams focused on diversifying the field – Twitter has shown that even a small effort can reap great success.

Train the Next Generation
Ultimately, it may not be possible to remediate the talent shortage in IT immediately – if there aren’t enough trained professionals, even among those with certificate training, then there aren’t enough candidates for the many jobs in IT. The only solution, then, is to start training the next generation, getting them interested in IT careers from a young age. While youth today may be very skilled with navigating the tech world, they often know little about the behind-the-scenes world. That needs to change.

Microsoft is making an effort in that direction, dedicating $75 million over the next three years to build up its YouthSpark program. This program focuses on exposing students to computer science at the primary and secondary school levels with the goal of increasing the number of computer science students at the university level.

With dedicated efforts from major companies like Twitter and Microsoft, the shortage of IT professionals may finally decline in the next few years, but their success won’t just be measured by job slots filled. Until the IT field begins to reflect the diversity of our communities, the field will have a talent shortage. It’s time for recruiters to open the doors and welcome qualified candidates.

Larry Alton
Writer, LarryAlton.com

2016 Recruiting Forecast for IT Professionals

When thinking about the recruiting landscape for 2016, my first thought is that it all depends on which side of the interview you are on. 2015 has shown the strongest demand for skillsets that ISACA members have (IT audit, governance, security and risk) that we have seen since 2005-2007, during the first years of Sarbanes-Oxley Act (SOX) compliance. Currently, conditions are extremely tough for hiring managers who are trying to lure top talent to their teams, and I do not expect this to change anytime soon.

Why the talent shortage? IT audit, governance, security and risk skillsets are an increasingly bright spot on the radar of organizational leaders. This is partly due to increasing regulatory and compliance requirements and high-profile data breaches, but also because of years of efforts to transform IT audit from a “necessary evil” to a value center.

Because of the increased understanding of the value IT risk and controls professionals provide, there has been a significant uptick in non-audit positions since 2012—especially IT risk and compliance roles. These “second line of defense” roles were gaining traction in 2007-2008, but funding in this space tightened (or just plain vanished) during the recession in the US. Now, in a steadily improving economy, budgets for these roles have replenished and the resulting demand has stretched a thin talent pool even thinner by recruiting heavily from IT audit groups.

Another factor is that some of the primary talent generators in our field, the “Big 4” and similar client service firms, made deep staffing cuts during the recession and also dramatically reduced hiring off college campuses from 2009-2012.

These factors have created rosy conditions for most IT professionals seeking new opportunities. Barring a significant global political or economic disturbance, I expect the strong demand in our space to extend at least through 2016.

I am often asked, “What are the top skills in demand?” That is a difficult question to answer for a constituency as diverse as ISACA’s, for example, which covers many disciplines in the IT controls world, ranging from the deeply technical to more general relationship management roles. Cyber security is the word on almost everyone’s lips right now. You can question whether or not cyber security is “new” or just the next iteration of complexity in technology assurance, but regardless, rebranding your skillset toward cyber security activities is a sound career strategy in the near term.

In the long term, whether you are focused on IT audit, governance, risk, compliance, or security, your success will depend on aptitude, attitude, and altitude. By aptitude, I mean your ability to continually learn and adapt quickly to technology and business developments in an increasingly complex and competitive business climate. By attitude, I mean approaching your work with dedication, resilience, optimism and empathy. By altitude, I mean seeing IT risks from the viewpoint of the C-suite, and communicating the impact of risks in business language to a variety of stakeholders.

So, how do you position yourself for continued success in 2016? You have heard the saying, "if it ain't broke, don't fix it.” I say, "if it ain't broke, do preventative maintenance." Each of you probably knows at least one professional who learned a painful lesson during the recession. Many faced involuntarily unemployment for the first time, and were caught having allowed their skills to get stagnant. Now is the time to do preventative maintenance and to be proactive about future-proofing your skillset. Earn an additional certification. Seek out a mentor to help you determine three specific soft and hard skills for you to acquire or improve, and then put an action plan in place to achieve those goals.

Some people will read this and think, “I should do that,” but then it will get shuffled to the side, as life’s many professional and personal demands take a higher priority. I understand. I will leave you with this: I am optimistic that the steady climb in demand for the discussed IT skillsets will continue in 2016, but go ahead and plan your career as if it will not. Either way, you will be a winner.

Derek Duval, CPC
Duval Search Associates, LLC

Is the Internet of Things safe? New ISACA survey shows significant perception gap

As global use of connected devices--including those used for life-saving purposes—grows, a new survey from ISACA shows that there is a significant confidence gap between consumers and cybersecurity and IT professionals. In fact, while 64% of US consumers say they are confident they can control information conveyed through Internet of Things (IoT) devices, 78% of professionals say security standards are insufficient.

According to ISACA’s 2015 IT Risk/Reward Barometer, the number one IoT-related security concern for enterprises is data leakage. Nearly half of the more than 7,000 global professionals surveyed think their IT department is not aware of all of the organization’s connected devices (e.g., connected thermostats, TVs, fire alarms), yet 73% believe the likelihood of being hacked through an IoT device is medium or high. All while 72% say that IoT device manufacturers do not implement sufficient security.

It is clear that further education and awareness efforts are needed. Now. The number of B2B IoT devices is expected to grow from 1.2 billion connected devices in 2015 to 5.4 billion in 2020. That is a lot of important personal and confidential data being shared, transported and used by often unknown entities.

On the flip side, there is a significant business risk if organizations do not embrace IoT. They may lag behind competitors and upstarts, and risk losing revenue and reputation. In addition, enterprises do gain value from IoT. Specifically, global survey respondents reported that the greatest benefits of using IoT are:
   * Greater accessibility to information (44%)
   * Greater efficiency (35%)
   * Improved services (34%)
   * Increased employee productivity (25%)
   * Increased customer satisfaction (23%)

The key is to balance risk with benefits, and I encourage professionals and consumers to safely embrace IoT devices. To help do this, ensure all devices are updated regularly with security upgrades, take cyber security training, be wary about information shared and stay alert for unusual behavior at all times. The future is bright. Or at least that’s what my connected watch tells me.

Rob Clyde, CISM
International Vice President and Board Director, ISACA
Managing Director, Clyde Consulting LLC

Note: ISACA’s annual IT Risk/Reward Barometer is a global indicator of trust and attitudes. The 2015 study is based on polling of 7,016 ISACA members in 140 countries and additional surveys among 1,227 consumers in the US, 1,025 consumers in the UK, 1,060 consumers in Australia, 1,027 consumers in India and 1,057 consumers in Mexico. To see the full results, visit www.isaca.org/risk-reward-barometer.

CSXP:  An exciting new career resource for cybersecurity professionals

Today marks the launch of the CSX Practitioner (CSXP) certification exam. For the first time, cybersecurity professionals can now obtain a vendor-neutral, performance-based cyber certification.

With Cybersecurity Nexus (CSX), ISACA has made a commitment. Through training, guidance, education and credentialing, we will help develop a skilled cybersecurity workforce to reduce the global skills gap, and we will provide resources for cyber professionals at every level of their careers. CSXP is one way we are fulfilling that commitment.

Research shows that the majority of employers—nearly 7 in 10—are requiring cybersecurity job candidates to hold a certification. They are also looking for candidates with hands-on skills. When a prospective employee has CSXP, it indicates that they fulfill both of those criteria and that he or she has the skills needed to help protect the organization.

To earn CSXP, candidates must pass an exam in a state-of-the-art, adaptive, performance-based cyber laboratory environment. The exam measures skills and abilities in a virtual setting using real-world cyber security scenarios. Registration is now open for the exam, and a beta test rate is available for those who take the exam and complete a survey by 1 October 2015.

Very soon, ISACA’s CSX will offer cyber training and certifications for all skill levels and specialties:

  • Cybersecurity Fundamentals Certificate—Knowledge-based certificate that demonstrates a foundational understanding of cybersecurity (currently available)
  • CSX Practitioner—Demonstrates ability to be a first responder to cyber incidents, following established procedures and defined processes. CSXP indicates firewall, patching and anti-virus experience, as well as the ability to implement common security controls and perform vulnerability scans and analysis. (currently available)
  • CSX Specialist—Demonstrates effective skills and deep knowledge in one or more of the five areas based closely on the NIST Cybersecurity Framework: Identify, Detect, Protect, Respond and Recover (coming soon)
  • CSX Expert—Demonstrates ability of a master/expert-level cybersecurity professional who can identify, analyze, respond to and mitigate complex cybersecurity incidents (coming soon)
  • Certified Information Security Manager—Demonstrates the ability to manage, design, oversee and assess an enterprise’s information security program (currently available)

It is an exciting time of opportunity for cyber professionals. Companies and government organizations need you more than ever. As you grow your career in this area, know that we are here for you—we will help you stand out, grow your career and connect with a global community of cybersecurity experts.

Christos Dimitriadis, Ph.D., CISA, CISM, CRISC
2015-2016 ISACA International President

Top digital trends affecting organizations today—and what you should do about them

When it comes to the use of technology decision making, the stakes for the business have never been higher. Investing in the right technology at the right time can very often mean direct competitive advantage to the business. Investing poorly, at the wrong time, or not at all (especially when competitors do so) can instead mean the business operates at a disadvantage relative to peers and competitors.

At the same time, the time window that organizations have to consider the options available to them is decreasing. It seems like digital trends and new technologies arise quickly and appear from seemingly out of nowhere, leaving organizations relatively little time to evaluate trends, understand the risk and rewards, and make an informed decision about investment. And, as we know, making an informed decision about value and risk tradeoffs for any technology or digital trend can be complicated. We need to consider business value added, new risks introduced (and old risks potentially mitigated), cost of the investment, possible disruption to business teams and numerous other factors.

To help with these challenges, ISACA is making a new resource available: ISACA Insights. The purpose of Insights is to identify the most impactful digital trends that organizations should consider in their strategic decision making:

  1. Big data analytics
  2. Mobile technologies
  3. Cloud computing
  4. Machine learning
  5. Internet of Things
  6. Massive open online courses
  7. Social networking
  8. Digital business models
  9. Cybersecurity
  10. Digital currency

Insights consists of a top 10 report describing the high level trends in business-accessible language and supplemental individual trend reports highlighting specific trends with an eye to overall organizational risk and value. Because the reports are short and business-accessible rather than technical, they are easily understood by those on either the technology or business side of the organization. They can be used as a discussion aid between business and technical teams—for example, to help business teams understand the risk impact of a particular trend or to help technical teams understand the business value drivers that might be driving interest in a particular trend or technology area.

Over the next few weeks, ISACA will be looking in depth at some of the information outlined in these reports and some of the risk, value and security implications of each of the top trends. Making a holistic decision about the risk vs. reward associated with investing in any particular trend means understanding both sides of the risk equation—the value to the business in adopting, the potential business risks associated with failing to adopt, as well as the technical risks that can be introduced when adopting these trends.

I encourage you to view the report on the top 10 trends, as well as the more in-depth reports on each of the top four trends. All are free at www.isaca.org/isaca-insights.

Ed Moyle
Director of Emerging Business and Technology, ISACA

International President: New ISACA board of directors continue on path of agility and innovation

The rate of change in our enterprises is racing faster than at any other time. New technologies are introduced nearly daily—and many of them are making their ways into our workplaces. These new realities mean that information flows instantly around the globe, and we need to be agile and prepared.

ISACA has long been respected for its foresight and innovation, and with the installation of the 2015-2016 board of directors recently in Brussels, this tradition continues. I am honored to serve as ISACA’s international president during this time of incredible innovation.

I would like to thank Immediate Past President Robert Stroud for his many years of dedicated service. During Rob’s tenure, ISACA experienced growth in many areas, including membership, chapters and revenue. ISACA launched the Cybersecurity Nexus (CSX) and the online version of COBIT 5. I look forward to Rob’s continued significant contributions throughout the year.

My sincere appreciation also goes out to the outgoing board members who have given so much of their time and expertise to ISACA over the years—Steven Babb (UK), Ramsés Gallego (Spain), Vittal Raj (India), Debbie Lew (USA), Frank Yam (Hong Kong), and Alexander Zapata Lenis (Colombia). You have helped lead ISACA and contributed to the growth of our global respect and reputation—thank you for your past and future contributions.

As our new and returning board members continue to move ISACA forward and focus on our refreshed strategy and goals, I am eager for you to collaborate closely with all of us:

  • International President Christos K. Dimitriadis, Ph.D., CISA, CISM, CRISC, group director of Information Security for INTRALOT, Greece
  • International Vice President Rosemary Amato, CISA, CMA, CPA, director, Deloitte, Amsterdam, The Netherlands, program director for Global Client Intelligence (GCI), The Netherlands
  • International Vice President Garry Barnes, CISA, CISM, CGEIT, CRISC, MAICD, practice lead, Governance Advisory at Vital Interacts, Australia
  • International Vice President Robert Clyde, CISM, managing director of Clyde Consulting LLC, USA
  • International Vice President Theresa Grafenstine, CISA, CGEIT, CRISC, CIA, CGAP, CGMA, CPA, inspector general of the U.S. House of Representatives, USA
  • International Vice President Leonard Ong, CISA, CISM, CRISC, CGEIT, CPP, CFE, PMP, CIPM, CIPT, CISSP ISSMP-ISSAP, CSSLP, CITBCM, GCIA, GCIH, GSNA, GCFA, COBIT 5 Implementer and Assessor, Singapore
  • International Vice President Andre Pitkowski, CGEIT, CRISC, OCTAVE, CRMA, ISO27kLA, ISO31kLA, COBIT 5 Foundations Trainer, principal consultant APIT Consultoria de Informática Ltd., Brazil
  • International Vice President Eddie Schwartz, CISA, CISM, CISSP-ISSEP, PMP, president and COO of WhiteOps, USA
  • International Director Zubin Chagpar, CISA, CISM, PMP, focuses on  Venture Capital Business Development in EMEA for Amazon Web Services, United Kingdom
  • International Director R.V. Raghu, CISA, director of Versatilist Consulting India Pvt. Ltd., India
  • International Director Jo Stewart-Rattray, CISA, CISM, CGEIT, CRISC, FACS CP, director of information security and IT assurance at BRM Holdich, Australia

For more than 45 years, ISACA has been a trusted global resource to help professionals transcend borders and collaborate. We recognize that the people we serve have rapidly evolving needs, and are focused on ensuring that ISACA continues on its path of becoming more flexible, responsive and enabled for a dynamic future.

Christos K. Dimitriadis, Ph.D., CISA, CISM, CRISC
ISACA International President

1 - 10 Next