Other Blogs
There are no items in this list.
Knowledge & Insights > ISACA Now > Categories
Five Questions with Social Business Guru Ryan Hogarth

Ryan HogarthEditor’s note: Social business strategist, author and radio show host Ryan Hogarth will deliver the opening keynote address at Africa CACS 2017, to take place 11-12 September in Accra, Ghana. Hogarth’s keynote is titled “We Are Not Robots.” Hogarth recently spoke with ISACA Now about some of the themes he will address, such as navigating digital disruption and how to strengthen relationships with customers. The following is an edited transcript:

ISACA Now: You use the term a “frictionless economy.” What do you mean by that?
Everything about being a customer has been transformed through our use of customizable technology because friction is constantly eliminated. We can get what we want or what we need with a click, a tap, a swipe or a gesture. The businesses that will succeed are those that understand their customers’ journey enough to use the right technology to remove friction and make interaction, servicing and purchasing seamless and effortless, or frictionless.

ISACA Now: What are some common mistakes that organizations make in navigating digital disruption?
The two most common mistakes are:

  1. Ignoring it and pretending that disruption does not affect your industry or business. Here we see an insistence that the way business has always been done is sufficient to ensure success in the future. These are the companies that will not allow access to social media at the office or who discourage the use of smartphones for work.
  2. Over-investing in technology without a change in thinking and culture. Here we have the affliction of doing old things with new technology. Converting training manuals to PDF and making them available on a tablet does not mean digital transformation. Before investing in technology, a business should first be clear about what technology their customers and teams use, and then shape your technology to fit them.

ISACA Now: What are the best ways for an organization to strengthen its relationship with customers?
First, map your customers’ journey. What is their actual, real-world experience with your brand or business? Knowing this is far harder than we at first think because we make assumptions about what our customers actually do and experience. Once you plot this out, the shortcomings become far clearer and solutions a lot more obvious.

ISACA Now: Do you think most enterprises are utilizing social media effectively?
No. Most enterprises that are on social media still view it as just another tool of sales or marketing rather than a means of communication and relationship. Again, this requires a shift in thinking. Are you thinking about how you can build a relationship with a customer or just how you can push your latest offering?

ISACA Now: What technological innovations do you anticipate having the most impact on the global economy within the next few years?
There are several: Self-driving cars, clean energy, augmented reality, artificial intelligence, blockchain, high-quality online education, food science and medical technology. All of these are important because their impact will affect so many industries beyond the obvious. We see the immediate effect in how global businesses are playing in fields far outside their traditional spaces. Social media wants to get into banking, tech firms are playing in areas of transportation or health, and banks are pushing hard into the tech space.

In Era of Digital Disruption, ISACA is Ready to Rise to the Occasion

Theresa GrafenstineMuch of what I learned about being a professional – and being part of a professional community – came through my association with ISACA.

As the first person in my family to graduate from college, I entered the workforce hungry for the educational resources, networking and professional growth opportunities to make an impact. ISACA provided that and much more, allowing me to envision and embark upon a career trajectory that otherwise would not have been possible.

My professional development was accelerated by pursuing ISACA volunteer opportunities such as helping to coordinate local conferences, which allowed me to make valuable industry contacts and build my project management skills. Eventually I became president of ISACA’s Greater Washington DC Chapter, providing another important opportunity to expand my skill set and learn more about the audit and assurance, governance, risk, and information and cyber security professions. Serving on several ISACA committees and on the board of directors provided further enrichment, both professionally and personally, as I am fortunate to have built treasured relationships with many of ISACA’s 130,000-plus members worldwide.

Now, as the newly installed chair of ISACA’s board of directors, I am grateful for the opportunity to help lead the organization that has provided me so much fulfillment. I’m privileged to work with and on behalf of our global professional community to advance the positive potential of technology in the professions that we serve and society as a whole.

ISACA is nearing its 50-year mark, and with technology-driven challenges and opportunities all around us, there is no doubt we are more relevant than ever. In addition to ongoing activities building toward our 50th anniversary in 2019, there is so much to accomplish in the year ahead. Cultivating a deeper pipeline of leaders in our professions through the Leadership Development Advisory Council, building toward greater societal impact through a revitalized foundation and ensuring ISACA’s Connecting Women Leaders in Technology program becomes even more robust and influential are among many projects for which there is promising momentum.

As we anticipate the progress ahead, I want to express my appreciation for the many contributions of our outgoing board members, as well as our outgoing board chair, Chris Dimitriadis. Chris has led with a calm and good-natured approach, steering ISACA through a period of growth and change while making sure that local chapters and all members of our community are heard and included.

I am delighted that Chris will be part of the smart, dedicated and diverse group of board members for 2017-2018 that will help shape ISACA’s vibrant future:

  • Theresa Grafenstine, CISA, CGEIT, CRISC, CPA, CISSP, CIA, CGMA, CGAP, chair
  • Rob Clyde, CISM, vice-chair
  • Brennan Baybeck, CISM, CISSP, CISA, CRISC, director
  • Zubin Chagpar, CISA, CISM, PMP, director
  • Peter Christiaans, CISA, CISM, CRISC, PMP, director
  • Hironori Goto, CISA, CISM, CGEIT, CRISC, ABCP, director
  • Mike Hughes, CISA, CRISC, CGEIT, director
  • Leonard Ong, CISA, CISM, CGEIT, CRISC, CFE, CIS, CISSP, CPP, CSSCP, ISSAP, ISSMP, PMP, director
  • R.V. Raghu, CISA, CRISC, director
  • Jo Stewart-Rattray, CISA, CISM, CGEIT, CRISC, director
  • Ted Wolff, CISA, director
  • Tichaona Zororo, CISA, CISM, CRISC, CGEIT, CIA, CRMA, director
  • Chris Dimitriadis, CISA, CISM, CRISC, ISO 20000 LA, director and past board chair
  • Robert E Stroud, CGEIT, CRISC, director and past board chair
  • Tony Hayes, CGEIT, AFCHSE, CHE, FACS, FCPA, FIIA, director and past board chair
  • Matt Loeb, CGEIT, director and CEO

While the board will work diligently on ISACA’s behalf, it will take a team effort – all of us collaborating as ONE – to achieve all that we can. We live in a world that is grappling with widespread digital disruption. ISACA can and must be a leading voice in providing a sense of assurance and security as professionals and enterprises navigate a challenging technology landscape.

I know how influential ISACA can be, as evidenced by my own journey. I am proud of what ISACA has meant for myself and so many others, but more than anything, I am energized about the future that we can build together. 

Faces of ISACA: Gerard A. Joseph, CISA, CISSP, CSAM, Ph.D., Independent Consultant

Editor’s note: The ISACA Now series titled “Faces of ISACA” highlights the contributions of ISACA members to our global professional community, as well as providing a sense of their lives outside of work. Today, we spotlight Australia-based consultant Gerard A. Joseph.

Australia resident and ISACA member Gerard Joseph has traveled extensively throughout the United States, as his visits to all 50 US states would attest.

One of Joseph’s can’t-miss US destinations is wherever ISACA’s North America CACS conference is taking place.

Joseph has amassed some serious frequent flyer miles – and drawn his share of quizzical banter from fellow conference attendees – for what has become an annual tradition of trekking to North America CACS all the way from his home just outside Canberra, Australia.

“It does kick off the conversation quite nicely, and you can go from there,” Joseph said. “At the conferences, you’re not just talking commercially, but you can mix it with the personal side of things. I guess coming from Australia, it does attract attention to some extent because of the distance. It just helps to cement a nice, easygoing relationship, even if it’s just for a couple of minutes, to talk about where you’ve been and how much of the country you’ve seen.”


Australia resident Gerard Joseph, pictured attending the Alchemy & Ale social event at North America CACS last month in Las Vegas, is a regular North America CACS attendee.

Joseph became an ISACA member in 2006 when he pursued the CISA certification, and, as he learned more about the depth of offerings at North America CACS, he decided it was well worth the time and financial investment to attend. Joseph has attended North America CACS each of the past four years, including the most recent gathering last month in Las Vegas.

Joseph has many friends, business associates and even a daughter in the United States, so he tends to combine his CACS trips with other visits and sightseeing. Besides, journeying thousands of miles is a fact of life for Australians with a taste for travel.

“For Australians and for New Zealanders, really to travel anywhere you’ve got to travel a long way,” said Joseph, who has visited around 35 countries in total. “If we travel, we’re used to traveling a long distance.”

Joseph, a consultant, is a registered security assessor under a program managed by an agency of the Australian Department of Defence. As his career unfolds, he has become intrigued to learn more about trends and best practices in audit and security. That, along with what he called “absolutely enthralling” speakers, quality networking opportunities and an array of exhibitors that “just help you to keep tabs on where the industry is going” has made him a North America CACS loyalist.

Despite Joseph residing in Australia, the conference’s US location might be more of a bonus than deterrent. He has been fond of the United States since he was young – an affinity he and his wife seemingly passed on to their children, one of whom attended Massachusetts Institute of Technology and another who currently resides in Honolulu, Hawaii. Those family visits helped Joseph expand the list of US states he’d visited, and, by 2012, he realized he’d been to 41 states.

 “I thought, well, this is ridiculous, I really have to see the other nine,” said Joseph, who did just that, completing his 50-state milestone with a trip to Juneau, Alaska that capped a two-week, eight-state odyssey.

Despite having seen much more of the country than most US residents ever will – for the record, he counts New York as his favorite locale due to its cultural gravitas – Joseph’s wanderlust remains intact. Visiting the remaining 10 state capitals he has yet to see remains a goal.

“Regardless of how much of any country I've seen, I always feel I've merely scratched the surface and that there is a vast amount left that I'd like to explore, and that is certainly true of the U.S.,” Joseph said.

Along with work and travel, Joseph is passionate about history, classical movies and music, ballet and genealogy. His interests and travel experience supply him plenty of potential ice-breakers with fellow conference attendees, though he might have slightly less time on his hands at North America CACS 2018, set for 30 April-2 May in Chicago, Illinois.

As if making another overseas expedition to attend North America CACS doesn’t convey enough dedication, Joseph has an eye on potentially making his debut as a conference presenter.

“Chicago will be my fifth NA CACS conference so I thought it was time to elevate my participation – and my overall profile in audit and security – by being part of the program,” Joseph said. “Of course, it depends on whether my proposal is accepted, but even if it isn't, I'll still enjoy the conference and the networking opportunities it presents.”

Faces of ISACA: Michael Thiessmeier, Senior Manager, Technology & Security Risk Management, Oportun

Editor’s note: The ISACA Now series titled “Faces of ISACA” highlights the contributions of ISACA members to our global professional community, as well as providing a sense of their lives outside of work. Today, we spotlight risk management professional and ISO delegate Michael Thiessmeier.

Perhaps owed to his military background, Michael Thiessmeier believes that knowing how to perform the duties of both his supervisors and subordinates is the best way to ensure success. He has put in the time to make sure that’s the case.

Thiessmeier has more than 20 certificates and certifications, including ISACA’s COBIT Foundation certificate.

“Think about it this way,” Thiessmeier said. “One person might go watch soccer on Sundays. I might sit on that same couch preparing for a certification exam and feel the same kind of joy and excitement if I pass that the other person feels when their home team scores a goal.”

Thiessmeier joined ISACA in 2012 when professors in Germany – where he was born and spent seven years performing military service – encouraged him to seek out professional organizations.

“I spent years looking for options and evaluating my career path,” Thiessmeier said. “Finally, I determined that ISACA was best aligned with the direction that my career was taking.”

His current role is Senior Manager, Technology & Security Risk Management, with Oportun in Redwood City, California, USA. He is especially interested in how trends like machine learning necessitate automating controls testing.

“Being situated at the intersect of fin-tech and financial services allows me to work on things that have not been done before,” Thiessmeier said. “There truly is no cookie-cutter approach to our industry, and that’s where the research I am doing with ISACA and other organizations turns out to be very helpful.”

Thiessmeier also is heavily involved with ISO as a delegate expert for ISACA, a relationship that came about when he saw an opening on the ISO liaison committee posted on ISACA’s website. He is active in the Security Controls and Services, and Identity Management and Privacy Technologies working groups, and recently was elected as project co-editor for the ISO standard pertaining to application security validation and verification.

Some of Thiessmeier’s career highlights include working on the largest gaming console launch in history – he was manager of consumer services technology with Sony PlayStation during the PS4 launch – while at the same time participating in a major customer relationship management (CRM) implementation that automated consumer service processes.

“During that time I was not only allowed to lead several teams of incredibly smart and caring individuals, but also designed and ran the 'war room' used to manage that console launch,” he said. “Thanks to everyone involved, the launch was a great success and beat our expectations.”

Going forward, Thiessmeier intends to learn more about penetration testing. Fitting his overarching approach, that objective isn’t for personal gain as much as to continue deepening his broad-based reservoir of knowledge.

“I do not plan on being a penetration tester at this point in my career, but I want to make sure that I am in the best position to empower them in their day-to-day duties,” he said.

Aside from his traditional career interests, Thiessmeier volunteers for Team Rubicon, an organization that provides disaster response and veteran integration services.

“The moment you see a community that went through a horrible disaster pull together and come out of it closer than ever – no words can describe that,” Thiessmeier said.

How Can We Get More Young People Excited About IT?

There are a lot of exciting things happening in the IT field, which means there’s a tremendous amount of growth occurring in a lot of businesses. With that growth comes the need to hire cost-effective talent. This begs the question: How can we get more young people excited about launching careers in IT?

Why IT?
When you ask children what they want to be when they grow up, you’ll hear an array of answers. From firefighter and police officer to professional athlete or doctor, there are a handful of occupations that always seem to draw interest from children.

Kids typically don’t grow up pretending they’re IT pros or dream about fixing computers, coordinating corporate security strategies or deploying advanced new software programs, but maybe that’s our fault as adults. The IT career field is an exciting one, and we’re doing our youth a disservice by failing to get them excited at a young age.

For starters, there’s the positive industry outlook, with both wages and employment opportunities outpacing most other industries.

Then there’s the fact that IT pros can work in just about any environment. There are Fortune 500 positions, as well as opportunities to contract with small businesses. This change of scenery can be refreshing for people who like to move around and see new things.

Making IT attractive to young students
As you can see, there are a lot of positive things happening in the IT industry. The goal has to be for educators, adults, and those already in the field to shine a light on its positive trajectory. Here are a few ideas:

  1. Make the push online. Today’s youth (and tomorrow’s professionals) spend a lot of time online. For companies and organizations that want to reach this segment of the future workforce, there needs to be a greater online push for visibility. Since social media is a hugely popular destination, there’s value to be extracted from sharing engaging content and strategically funneling users to landing pages. There’s also something to be said for tapping into visual social platforms like Snapchat and Periscope to provide some behind-the-scenes content about how exciting a career in IT can really be.
  2. Focus on creativity. Creativity is a big thing when young people search for jobs. They want careers that allow them to use their talents and enjoy the freedom to innovate and create from the start. Unfortunately, very few career fields – especially at entry-level positions – leave room for imagination and vision. However, IT professionals are like artists in many ways, constantly being called on to use certain tools to maximize resources and build new solutions.
  3. Highlight the low cost. For high school students who won’t be having their college paid for by a parent, the rising cost of tuition and the ever-present burden of student loans is enough to scare even the most optimistic child away from pursuing a college degree. Thankfully, you don’t need a four-year degree to be an IT pro. Some specialized training/certificates can get people started in the field.

IT isn’t exciting in the sense that you get to fight fires or hit a 95-mph fastball in front of 40,000 fans, but that doesn’t mean today’s children can’t grow up wanting to pursue a career in this growing field. It’s up to us to shed light on just how stimulating it can be.

Help ISACA Mark its 50th Year, Look Toward the Next 50

Planning is well underway to lead into ISACA’s 50th year in 2019, mark the anniversary, and carry momentum forward into the next decade and beyond. From outreach nearly a year ago to ISACA’s past presidents —an early tap of their ideas and insights — to anniversary footings now in place, importance, inclusivity, curiosity and enthusiasm characterize efforts to date.

And today is an important date, as ISACA debuts one of those footings — and a digital one at that. The first phase of our anniversary microsite, www.ISACA50.org, is up and running. The site will serve as a hub for stories, to gather and share history, for celebrating toolkits, to post anniversary news and updates from around the global, and to predict our future. It will lead the way to bring our anniversary theme to life:

Honor Our Past. Innovate Our Future.

As you read this, the site is having its first show-and tell during the ISACA Regional Leadership Conference, beginning today in Las Vegas. The site, the celebration underway and to come, is theirs, yours, ours. It has taken a collective effort to reach such a proud milestone, so it is only natural that the global ISACA community enjoys the celebration together: ISACA50.org is just the start. We encourage you to share your story of what ISACA means to you, as well as any images, videos or other materials — whether related to ISACA or the professions we serve — that will help enhance anniversary programming.

The anniversary logo is featured prominently on ISACA50.org. There is meaning to its design, and we hope you sense its energy. Concentric circles in the “50” represents the perpetual motion and innovation that have been hallmarks of ISACA’s past and present, and will be even more prominent going forward. Fittingly for a future-minded tech organization such as ISACA, envisioning and embracing the possibilities of the next 50 years will be a rallying point of our celebration.

Beyond the web portal, there are many other in-progress plans to commemorate this demarcation of the past and future. Another foundational element is an immersive, innovatively designed event exhibit. Preliminary concepts feature interactive, responsive technologies to illustrate history, ISACA contributions and milestones, people and impact, and a central “Future Visions” booth to capture and enhance visitor experiences and aspirations — for themselves, for ISACA, for our industry and for the world.

A third and just as essential early anniversary element are plans, creative programs and packaged toolkits to prompt celebrations of all shapes, sizes and durations by and for ISACA chapters, volunteers, leaders, members and engaged professionals the world over. The anniversary provides a clarion call, as ONE global community, to deliver ISACA’s Purpose and Promise:

  • Help you realize the positive potential of technology
  • Inspire confidence that enables innovation through technology

Indeed, you will see, hear and feel the impact of Purpose and Promise as we honor, and as we innovate over the course of our anniversary years.

ISACA has an incredible story to tell. Consider the seismic shifts in technology that have unfolded since 1969, when a small group of individuals in the Los Angeles area formed the EDP Auditors Association, which eventually became ISACA. For the past five decades, ISACA has been at the forefront of helping professionals and their enterprises navigate the fast-moving technology landscape. Our ability to do so for the next 50 years is even more imperative given the scale of global digital disruption we’re experiencing.

This is a special time for ISACA. Our global professional community — growing each year in number and impact — will honor our past and innovate our future together. It will be a fun, enlightening and rewarding celebration.

Stay tuned – there will be much more to share, know and do in the coming months and years. It is time to Honor Our Past. Innovate Our Future. A first visit to www.ISACA50.org is a great place to start!

Faces of ISACA: Maria Divina C. Gregorio, CISA, CRISC, PCI-ISA, PCIP, internal audit manager, VSP Global

Editor’s note: The ISACA Now series titled “Faces of ISACA” highlights the contributions of ISACA members to our global professional community, as well as providing a sense of their lives outside of work. Today, we spotlight Maria Divina C. Gregorio, CISA, CRISC, PCI-ISA, PCIP, internal audit manager, VSP Global, a US resident from the state of California.

ISACA Now: What motivated you to pursue a career in audit?
I chose a career in audit because it allows me to have a comprehensive understanding of and exposure to all facets of the business. I am able to use my knowledge, analytical techniques and people skills to effectively contribute to the betterment of the organization. I was also influenced by a mentor early in my career who encouraged me to explore opportunities in this field and introduced me to ISACA’s CISA certification.

ISACA Now: How do you see technological advancements having the greatest impact on audit in the next 3-5 years?
I believe that technological advancements have and will pave the way for more efficient, more effective and more economical audits.

ISACA Now: What are a few professional achievements of which you’ve been most proud?
I am proud to have achieved my CISA, CRISC, PCI ISA and PCIP certifications. They allowed me to lead highly impactful audits that resulted in major cost savings to the organization. I am very proud to have authored our cyber crisis management plan, and I am now leading the global business continuity initiative in my organization.

ISACA Now: How long have you been an ISACA member, and what has that added to your professional development?
I have been a member of ISACA since October 2005 – 12 years! I believe that the benefits derived from my ISACA and other professional association membership, certifications, active participation in my local chapter, passion toward my profession and continued quest to educate myself have been a great formula for my professional development.

ISACA Now: You’ve been active in Habitat for Humanity – what have you taken from that experience?
I’ve always been guided by a personal commitment to leave this place a little better than I found it. I believe that serving with Habitat is my small contribution to that commitment.

ISACA Now: What is the most fun aspect of living in California?
Do I feel like having authentic dim sum breakfast in San Francisco this morning, then heading to a Napa vineyard for lunch and some wine? Or how about some honest to goodness mole in the Mission, then heading to the beach and gazing at migrating whales in Bodega Bay? Or maybe picking up my skis and hitting the slopes at South Lake Tahoe, or lounging in a houseboat in Shasta Lake? As you can see, there is something for everyone in California. I feel very blessed to have these choices – all within hours from each other!

ISACA Now: What are some of your favorite things to do outside work?
I read, go on hikes with my dog; tend my organic garden; feed the ducks, peacocks (yes, we have them “wild” around my neighborhood) and turkeys; swim; work out; and have lunch dates with my mom.

Giving Thanks to Those Who Volunteer

It’s National Volunteer Week in the US. ISACA, however, is global in its reach, as is our corps of dedicated volunteers, and I want us to honor them all. So, I am choosing to declare this period as “ISACA Volunteer Appreciation Week.” In this spirit, I ask you, members of our professional community worldwide, to join me in thanking our organization’s over 4,000 members who provide us with their generous gifts of time and expertise to support advancing ISACA’s purpose to help realize the positive potential of technology.

Here, in their own words, are a few examples of volunteers’ contributions, and their motivations to give back to ISACA and our profession:

  • Hari Chede, president of the UAE chapter, speaks proudly of his impact on members’ career development and of skills he’s gained through his volunteer work conducting CISA and CISM review classes: “If you have a passion in assurance fields and you want to grow in that field, apart from having different assurance certifications and education, being a volunteer at ISACA can accelerate your career by learning various skills (event management, time management, project management, accounting and public speaking) and keeping you engaged with successful people in the assurance fields.”
  • Joe Cai helps position ISACA to expand its global impact by volunteering as a translator as a member of the CISA Certification Working Group: “I find ISACA is paying more and more attention to the market in China. ISACA is providing many Chinese Simplified materials to break the language barriers and engaging with the local community, both of which require lots of local volunteers. With their help, we can build a good ISACA ecosystem, gathering more and more IT control, security, risk and governance professionals in China. Participating also affords volunteers many benefits like building relationships with industry peers, acquiring more IT control and cyber security trend information and knowledge within China as well as ISACA global, and meeting other ISACA members from all over the world.”
  • Jo Stewart-Rattray serves as volunteer chair of ISACA’s Women’s Leadership Council which has developed and launched the Connecting Women Leaders in Technology program to address urgent challenges of women in the technology workforce: “Together with my HQ colleagues, we have brought together a group of influential women from across the world to build the resilience and confidence of our women leaders to seek the career they want and to provide the knowledge assets and connections that can guide them along the way. ‘Connecting Women Leaders in Technology’ is in response to a great want and need for such initiatives from our constituency base. Without women in the workforce, we simply won’t have the resources to continue to fuel the job economy and innovation.”

In 1969, it was a small group of volunteers in Los Angeles who had the foresight to see the need for our work as a result of companies investing in technology capability to support financial and business operations. They established the EDPAA, and sowed the seeds of opportunity that led to our current day ISACA. As we approach our 50th anniversary, volunteering has always been at the foundation of ISACA’s evolution. Increasing this engagement will be a hallmark of how we write the next 50 years of ISACA’s history.

On behalf of the entire ISACA family, we thank our chapter leaders who work tirelessly to increase ISACA’s visibility, influence and impact locally. We thank those who contribute to keeping our certifications and continuing education relevant in a constantly changing workplace as a result of a rapidly changing technology landscape and an increasingly complex legal, regulatory and compliance environment. We extend our gratitude to those volunteers committed to advocating for and strengthening our professions, creating opportunities for career growth and, perhaps most importantly, helping all of us to share the value of what we do to enable the organizations for which we work.

In a world where time is our most precious commodity, your willingness to give back inspires us all, especially knowing that you do so above and beyond your many other professional and personal responsibilities.

Editor’s note: To learn more about volunteering with ISACA, visit www.isaca.org/volunteer. To share your volunteer story, email [email protected].

Faces of ISACA: Integrity Central to Santor’s Career Success

One of the most influential conversations in Cheryl Santor’s career required plenty of gumption.

Santor, working in IT at a mortgage banking firm in the 1990s, had major concerns about non-proprietary memory that had been installed, jeopardizing the main system for collecting loan information. She voiced her concerns to her CIO in no uncertain terms, believing the integrity of the loan origination system was at stake.

It turns out, Santor’s candor – and insights – were respected more than she could have anticipated. About a year later, that same CIO hired her to work at a national bank where she eventually became CISO.

“He appreciated my diligence, integrity and forthrightness,” Santor said. “This boosted my career and provided the backdrop for my future.” 

Santor, a longtime ISACA member, recently retired as the Information Security Manager of Metropolitan Water District of SoCal, where she ensured the security of the business and SCADA network systems. Her responsibilities included review of all national and global intelligence that might affect water system reliability. She continues her ISACA involvement, and work with the FBI InfraGard and other professional organizations, to provide expertise in her areas of focus.

The fourth-generation Californian recently was nominated by a colleague as a finalist in the Los Angeles Business Journal’s CTO Awards.

“I have been in this work for 28-plus years and it has always been a passion, so to be recognized for that passion is reward in itself,” Santor said.

An information security professional “before there was such a title,” Santor said she emphasizes awareness of security best practices, including disaster recovery exercises and access controls.

Santor has been actively involved in ISACA’s Los Angeles chapter for 17 years. She was an IT auditor when she first joined.

“Seeing that audit and security went hand-in-hand, in providing the best for any organization, I joined ISACA,” Santor said. “I knew that ISACA would provide me the intelligence and expertise as I moved through my career.”

In recent years, Santor has become especially passionate about ISACA’s Cybersecurity Nexus (CSX) program as a resource for cyber security professionals to gain the needed skills and training to keep pace with fast-evolving cyber threats.

“Whether they are entering the field, changing careers or just becoming the person who is taking cyber security on for their company, they can look to ISACA’s knowledge to support their efforts,” Santor said.

Santor and her husband, Louis, have four children and eight grandchildren. Rather than having a hard time keeping up with her grandchildren, it might be the other way around; Santor is a car enthusiast whose hobbies include racing Corvettes and Cadillacs.  A less adrenaline-infused passion is quilting, which Santor said benefits from a similar mindset to her professional wiring.

“I like to take fabric, cut it up and create a new version or outcome,” she explained. “To me it is somewhat like computer forensics. You are presented with a puzzle and you need to make sense of it as the final outcome – an investigative process in both instances.”

Three Questions with Daymond John

Editor’s note: Daymond John, the FUBU clothing founder, Shark Tank reality TV judge and a self-made multimillionaire, will deliver the closing keynote address at ISACA’s North America CACS 2017 conference, which will take place 1-3 May in Las Vegas, Nevada, USA. John visited with ISACA Now about what innovation means to him, his approach to taking business risks and the Shark Tank experience. The following is an edited transcript:

ISACA Now: The word ‘innovative’ is thrown around a lot. What does that mean to you, and in what ways has that kind of mindset allowed you to achieve such a high level of success with FUBU and your other ventures?
Innovation is the process of creating something new, which oftentimes is just a newer version of something that already existed. For example, to me, Twitter was a note on a pigeon's leg hundreds of years ago. It’s just a new form of delivery.

There’s a huge misconception about innovation, which is that it starts with some grand idea. The truth is that it typically begins with people collaborating and working together on ordinary ideas that transform into something innovative. 

When I started FUBU, I didn't put three sleeves on my T-shirts. I didn't start trying to be “innovative.” I just did what I could with what I had, and the brand became more than what even I imagined it could be.

ISACA Now: What advice would you give somebody who has a business idea that he or she is excited about but is nervous about taking that entrepreneurial plunge?
Take affordable steps. You don't need to take great leaps of faith. Again, start with whatever you can afford to lose.

The idea is not to get over your fear of taking a plunge – it’s not to take a plunge at all. Baby steps; that way, you don’t hurt yourself too much when you run into problems. That way, you can survive your mistakes and live to take another step.

ISACA Now: What has it been like to be involved with Shark Tank, and what aspects of the show do you think resonate most with viewers?
It has been a great learning experience for me. I learn as much from the entrepreneurs as they learn from me sometimes.

What resonates with people? I think the show illustrates that the American Dream is still achievable. It shows that ordinary people can do extraordinary things if they're willing to act on their ideas.

1 - 10 Next