As my relationship with ISACA unfolded through various volunteer roles for the past 25 years, I have had the privilege of seeing the organization evolve – through good times and challenging times – just as many of us have experienced in our personal lives and careers.
I’ve stayed with ISACA for the long haul because regardless of the hot technology or top-of-mind regulation of the day, I have consistently been proud to serve a global organization that provides the resources needed to advance business technology professionals’ careers and strengthen the technology workforce, while addressing some of the biggest challenges in our industry.
Now that ISACA is celebrating its 50th anniversary, the math is not lost on me that I have been part of this organization for half of its illustrious history. It is an honor to begin my term as chair of the ISACA board of directors at such a consequential time for our professional community and the organizations that they serve. Whether it is helping to shape the future of IT audit, evangelizing an executive-sponsored approach to data governance, navigating the rise of automation or promoting the need for our professional community to be lifelong learners, ISACA is well-equipped to make a profound impact in the years to come. Best of all, we have so many avenues through which our professional community can set that impact in motion.
From chapter leadership roles, which I have experienced first-hand through ISACA’s Denver Chapter, to hands-on advocacy opportunities, to championing our SheLeadsTech program, and so much more – ISACA’s breadth of experiences provides a terrific complement to the organization’s core credentialing, learning and professional development resources.
One of ISACA’s greatest strengths is its diversity. Diversity will be the key to solving many of the current and future challenges in our fields, especially security. ISACA will be taking more concrete actions in this area and will serve a central role in this space. Having diverse teams – including gender, race and ethnicity – and diverse perspectives is critically important, and you will see more from me on this in the coming year.
As I begin this new role as board chair, I want to extend deep appreciation to my predecessor, Rob Clyde, whose wisdom and passion for this organization will remain tremendous assets going forward. Fortunately for all of us, Rob will remain part of the board of directors. I look forward to teaming with a talented and purpose-driven mix of board members (as listed below) in the year ahead:
2019-2020 ISACA Board of Directors
- Brennan P. Baybeck, CISA, CRISC, CISM, CISSP, chair; Vice President - Customer Support Services Security Risk Management for Oracle Corporation
- Rolf von Roessing, CISA, CISM, CGEIT, CISSP, FBCI, vice chair; Partner and CEO, Forfa Consulting AG
- Tracey Dedrick, director; former Chief Risk Officer, Hudson City Bancorp
- Pam Nigro, CRMA, CISA, CGEIT, CRISC, director; Senior Director, Information Security, GRC Practice, Health Care Service Corporation (HCSC)
- R.V. Raghu, CISA, CRISC, director; Director of Versatilist Consulting India Pvt. Ltd.
- Gabriela Reynaga, CRISC, CISA, GRCP, director; Founder and CEO of Holistics GRC Consultancy
- Greg Touhill, CISM, CISSP, Brigadier General (ret), director; President of Cyxtera Federal Group, Cyxtera Technologies
- Asaf Weisberg, CISA, CRISC, CISM, CGEIT, director; Founder and CEO, IntroSight
- Tichaona Zororo, CISA, CISM, CGEIT, CRISC, COBIT 5 Certified Assessor, CIA, CRMA, director; Director, IT Advisory Executive with EGIT | Enterprise Governance of IT (Pty) Ltd.
- Chris Dimitriadis, CISA, CRISC, CISM, ISO 20000 LA, director and 2015-17 board chair; Group Chief Services and Delivery Officer at INTRALOT
- Rob Clyde, CISM, NACD Board Leadership Fellow, director and 2018-2019 board chair; Managing Director, Clyde Consulting LLC
- David Samuelson, ISACA Chief Executive Officer
Working together with nearly a half-million engaged professionals around the world and ISACA’s professional staff, the board is committed to driving toward an ambitious and promising future. The work that ISACA’s professional community performs in audit, governance, risk and security not only is essential to the success of the organizations that we serve, but also is becoming central to the health of our broader society as artificial intelligence and other high-impact technologies become pervasive.
ISACA has experienced remarkable growth during the 25 years in which I have been an active volunteer. During that time, the technology environment has become much more complex as we have ushered in the era of digital transformation and growing cyber threats. This change environment, and the corresponding challenges that have been created, provides a healthy sense of urgency to ensure that ISACA delivers even greater value to our professional community. In a world increasingly reliant on securely and effectively leveraging technology, the need to help professionals and their enterprises around the world realize the positive potential of technology provides a shared sense of purpose, and I am proud to play a part in this important work.
It can be surprising for professionals entering the workforce to realize that grades and knowledge is not the ultimate definer of your success. Not everything you learn can be taken from textbooks, lectures, or endless hours practicing your tasks. There are other steps and skills that are needed in order to reach the success level you have set out to attain – and one of the important steps is professional networking.
Now, networking does not mean attending social events solely, or just sharing experiences and knowledge. It is about building those trustworthy relationships with people in the industry that you are aiming to be part of, or that you already have joined. In a study conducted by Pepperdine’s Graziadio School of Business Management, 40 percent of respondents identified their current positions through either an existing network or the referral of a colleague or friend. These statistics have been rated higher than sharing your resumes directly with a human resources department or a response to a job posting, which emphasizes the impact that networking has on the final decisions made by recruiters.
Furthermore, if we examine the higher levels of organizations, such as executives and C-suite members, the reliance on networking consumes a higher percentage of their time, which underscores the value of such activity for the growth of an individual in an organization. The study showed that 58 percent of respondents believed there was a significant, substantial or dramatic increase in their income due to professional networking. A relationship can be seen when it comes to embracing leadership roles and professional networking.
As a young professional or a student, you will face a lot of challenges at first in identifying the correct crowd and network in them. There is no golden rule to follow when it comes to networking, but there are a few hints that you can take into consideration from people who have been there:
- The earlier you start, the better. Do not wait until you finish university or a year in your job passes by; the earlier you start scanning networks and approaching other professionals, the quicker you will be able to identify where you fit, start building those relationships and benefit from them at an early stage.
- Social media, social media, social media. Your geographic location no longer needs to be a limiting factor when it comes to networking. These days, you can reach out to different professionals, from different cultures across all countries and spectrums. Use this opportunity to build an international network that will be an eye-opener to many opportunities and topics of interest. LinkedIn can be especially useful, so if you do not have a LinkedIn profile, it is time to consider creating one.
- Be an active member. Being part of a conference or a professional development event not only updates your knowledge, but it also provides you with the ability to introduce yourself to the community with whom you are attempting to build your network. Always keep an eye on the event or conference calendars for institutes and organizations of interest. Attending events and engaging with professionals plays an important role when it comes to introducing yourself to a professional network, but focus on building a trustworthy relationship, rather just having a good laugh with someone. There are several institutes and organizations that host events that you can attend and start building your network, such as ISACA’s international conferences and chapter events.
- Maintain the relationships. It is not enough to just build a network without remaining involved and in touch with people. You should stay in steady contact with the people you believe will have a role in your success. Networking is a continuous cycle throughout the phases of your career.
- Professional women’s networking. Gender barriers tend to be more common in certain male-dominated industry networks, such as IT. Nevertheless, recently, we have seen signs of progress. A study showed that women corporate networks have high voluntary participation, and that more senior women were significantly more likely than their junior peers to report positive behaviors such as driving change, helping and supporting. So, if you are a young female professional or a bright female student, put yourself out there, and start confidently building your network without having any barriers shadowing your goals.
Editor’s note: For more resources on this topic, including a podcast with further insights from Mais Barouqa, visit www.isaca.org/young-professionals.
The value of being an active member in a professional organization such as ISACA cannot be overstated. ISACA’s global reach, diverse membership base, and thought leadership facilitate career growth and new opportunities for anyone interested in becoming engaged with the organization – and can be especially helpful for young professionals.
ISACA has a presence in 188 countries, including more than 220 chapters worldwide and offices in the United States and China. This extensive network provides incredible opportunities for young professionals and those new to the cybersecurity, IT audit, governance and risk management fields.
ISACA volunteers are afforded the ability to take on leadership roles at a much earlier point in their career than may be available to them in their regular day job. Young professionals get the chance to prove themselves immediately and develop new skills in a low-risk environment. In turn, this can result in accelerating their career growth at work.
A common misconception with volunteering is that you need to have extensive experience or free time, but that is not the case. ISACA offers many ways for young professionals to get involved and enhance their resume without any prior experience.
Local chapter engagement provides many volunteer roles for young professionals to step right in and make a difference. Board of director or chapter officer roles are great ways for someone early in their career to gain first-hand management skills while giving back to community. Local chapters often have a volunteer progression model to continually cultivate volunteers for greater responsibility and leadership. Many people who enjoy volunteering in a regional capacity often get involved supporting international initiatives as well.
ISACA HQ runs many working groups and initiatives that need professionals from diverse regions and experience backgrounds. These are excellent opportunities for young professionals to make a global impact and help shape the ISACA organization while building their personal brand and knowledge. Many young professionals have used these working groups as a launching point to bigger career opportunities or prominent leadership roles in ISACA.
ISACA facilitates short-term, ad-hoc volunteering such as blogging, translation of existing materials, content development, or other support that can be performed remotely when most convenient for the volunteer. This is great for those looking to get started and need to have schedule flexibility for when they can provide contributions.
As someone who has been a volunteer for ISACA since 2011, I can personally attest to the great value it has brought me on a personal and professional level. Through ISACA I’ve honed leadership skills, gained a greater global perspective, built my professional network, and made lasting friendships along the way.
I look forward to continuing my volunteer efforts with ISACA, and I hope you consider getting involved early in your career as well. It can make such a difference.
Editor’s note: For more resources on this topic, visit www.isaca.org/young-professionals.
I was always fascinated by the complexity of the technology discipline. The truth is, it’s very broad. ISACA helps to define some of the career pathways for young professionals through its educational resources and certification program. This made me think about where I saw myself adding value to the industry.
I come from a technical background but, after just a few years in the industry, I quickly realized that not all the problems could be solved through technology. I decided to learn more about information security management, culture and usability while studying for my MSc in Information Security. I also started attending local ISACA chapter events to learn from the practitioners in the field. The talks, conferences and networking opportunities I’ve been exposed to through these events (ISACA provides generous discounts for students) at an early stage helped me to narrow the focus of the research I was conducting for my postgraduate degree.
I wanted to understand the human element of security better and ended up writing my thesis on modeling conflicts between security compliance and human behavior. This involved working with people to understand root causes of poor security culture in organizations. I had an opportunity to present my findings to the ISACA community at a London chapter event and gather valuable inputs to refine my research. This laid the foundation for my book, “The Psychology of Information Security.”
Throughout my consulting career, working across various industries, I’ve seen some badly implemented security projects that completely missed the point. A lot of them didn’t have business objectives, and more importantly, people in mind. The truth is, the majority of employees within an organization are hired to deliver specific results or perform activities like marketing, managing projects, goods manufacturing and so on. Their main – sometimes only – priority will be to efficiently complete their core business activity, so information security will usually only be a secondary consideration.
Therefore, managing change and organizational culture should start with understanding your company, people in your company and what drives them. In the case of security, understanding motivation begins with understating why people don’t comply with information security policies.
I wrote this book to help security professionals and people who are interested in becoming one to do their job better. I believe that they not only need to ensure that a company is adequately addressing information security risks, but they also have to communicate the value of security appropriately in order to be successful. The main aim of the book is to gain insight into information security issues related to human behavior from both end-users’ and security professionals’ perspectives. It provides a set of recommendations to support the security professionals’ decision-making process when implementing controls and communicating these changes within an organization.
I conducted a number of interviews with security leaders from various sectors, including financial services, advertising, media, energy and technology, some of whom I met through my ISACA network. Their views, along with further relevant research, were incorporated into the book in order to provide a holistic overview of the problem and propose a solution. The feedback I’ve received from the community so far has been very positive, and I’m glad I have an opportunity to help people address some of the challenges they face in this area.
On a personal note, the project reinforced the value of connecting with professional networks – such as the one provided by ISACA – early in one’s career.
About the author: Leron Zinatullin (@le_rond) is an experienced risk consultant, specializing in cybersecurity strategy, management and delivery. He has led large scale, global, high value security transformation projects with a view to improving cost performance and supporting business strategy. He has extensive knowledge and practical experience in solving information security, privacy and architectural issues across multiple industry sectors. Visit Leron’s blog here: https://zinatullin.com/. To find out more about the psychology behind information security, read Leron’s book, The Psychology of Information Security.
Editor’s note: For more resources on harnessing the power of networking early in your career, visit www.isaca.org/young-professionals.
ISACA’s 50th anniversary year is about simultaneously honoring our past while visualizing how our professional community will innovate the future. Last week’s experience at our North America CACS conference in Anaheim provided tremendous inspiration on both fronts.
I will pay homage to ISACA’s remarkable past later in this post, but I want to start by highlighting a member story that underscores why we have such a bright future. I had the privilege of helping to open the conference by sharing the stage with ISACA board chair Rob Clyde and Kelly Lin, an impressive young professional and board member of ISACA's Los Angeles Chapter. Kelly is a rising leader in the IT audit world and an example of how transformative ISACA can be in our members’ lives.
After our time onstage together, I had a 1-on-1 conversation with Kelly that reinforced how fortunate I am to have become CEO last month of such an outstanding organization. Kelly recalled hearing about ISACA from a professor during her time as a college student in Los Angeles, and attending a career night event with ISACA’s Los Angeles Chapter to find out more. She quickly developed connections with members of the chapter, and even took on leadership roles while still a student.
Watch video of David’s
conversation with Kelly
Those ISACA networking connections paid major dividends once she graduated from college as she learned more about career possibilities in IT audit, transitioning from financial audit. Both of Kelly's first two jobs in the IT field, including her current role as AVP IT Audit Lead with East West Bank, came together through her ISACA network. She also continued to gain valuable early leadership opportunities through the Los Angeles Chapter, adding roles as treasurer, programs chair, conference registrar, volunteer chair and her ongoing service on the chapter board of directors.
“This entire journey, ISACA was there to help me put everything together,” Kelly told me. “It shaped who I am today and also my career because if it wasn’t for ISACA being able to provide that networking platform, I would not have had the opportunity to explore and dive into the world of IT.”
David Samuelson and Kelly Lin
True to ISACA’s mission, Kelly is committed to helping the next wave of rising professionals find their professional footing by working with them to provide leadership opportunities, develop their soft skills and – perhaps most importantly – engage them in dialogue about what they want from ISACA to help them grow their careers. That willingness to “pay forward” the benefits Kelly gained through ISACA is the exact mindset that ISACA will need to be even more impactful in the next 50 years.
How did ISACA and its community arrive at this point, so well positioned to meet the challenges of the present and the future? Another component of my experience at North America CACS offered insight. As part of the 50th anniversary celebration, several past board chairs attended the conference, including one of our founding members, Eugene Frank. It was humbling to spend time with these visionary leaders and listen to how meaningful ISACA has been in their lives, both personally and professionally. Each had such genuine passion in their voices as they recounted highlights from their leadership roles, some of which coming from the era when ISACA was known as the EDPAA. Hearing these reflections, it is easy to understand how ISACA has blossomed from Eugene and a handful of his associates in the Los Angeles area in 1969 to become the thriving global association of more than 140,000 members today.
Certainly the growing importance of leveraging technology for organizations around the world has aided in ISACA’s ascent. However, it is clear our greatest resources are the women and men who supplied their visionary wisdom and boundless passion to the organization – the true catalysts of ISACA’s first 50 years and continuing into the future. From Eugene Frank to Kelly Lin, and all of our purpose-driven professionals in between, ISACA has provided the learning network to further great individual accomplishments, strengthen our professional fields of interest, and set in motion lifelong relationships with treasured colleagues.
As Kelly, Rob and I concluded our time onstage in Anaheim, we led a record-setting North America CACS crowd in wishing ISACA a happy 50th birthday. In that spirit, my birthday wish for our professional community is for all of us to build upon the passion that our past leaders have poured into this organization, and to join in Kelly’s pledge to mentor and support the technology professionals of the future.
There is no better way to honor our past than by committing to work together toward an even more promising future.
At ISACA’s North America CACS conference Tuesday morning, an executive panel spoke on the past 50 years of tech disruption—and where technology is taking us in the future.
Technology has truly democratized society, according to the panelists.
“I want to impress on everyone how easy it is to disrupt technology today and how little knowledge you need in order to do it,” panelist Jed Yueh, founder of Amavar and author of Disrupt or Die, told the audience. “You can go from idea to building a company in very little time, and there are so many resources available.”
As an example, consider how long it took college student Mark Zuckerberg to effectively transform the world and how we interact socially. He coded Facebook in one week—and he wasn’t even an engineer.
Joining Yueh on the panel were:
- Kim Bollin, Vice President of internal Audit at Workday
- Ken Venner, Former CIO of SpaceX
- Jenai Marinkovic, CTO and CISO of Beyond
- Moderator Thomas Phelps IV, vice president of corporate strategy and CIO of Laserfiche
The panelists looked at industry predictions—both those that came true (the 1980s prediction that “decisions can and will be made by artificial intelligence, by computers grown large or very small like a pocket encyclopedia“) and those that fortunately never materialized—including Ken Olson’s 1977 statement, “There is no reason anyone would want a computer in their home” and an ISACA (then the Electronic Data Processing Auditors Association) prediction that said, “Many members will leave the association if the name is changed from the EDPAA to ISACA.”
They also shared what they believe to have been the most disruptive technologies invented in the past decades. Among the responses:
- The internet—It has democratized information and transformed the ability to transfer data
- Social—We can take the collective minds of humanity and bring them together on social. The privacy considerations are daunting, but while consumers say they absolutely want privacy, they are remiss to hold companies accountable when that privacy is breached.
- Mobile—We are now living in an always-on world.
- Cloud—We’ve taken the expense away and enabled accessibility for so many organizations, regardless of size and budget.
The executives also looked at future challenges and opportunities, such as:
- AI—How do you secure it? But even more importantly, what do you do if the data is laden in bias? If data or systems are biased, there are going to be serious social issues. AI is personalized in many ways. If a system has assumptions about certain races, for example, people’s livelihoods could be at risk.
- Retail disruption—Amazon is considering a model shift from shop and ship to shift and shop—where predictions are made about what you want and need, and you pay after receiving the items.
- Blockchain—The benefits are a more trusted, online, portable identity you can take with you everywhere—but there are still security issues and risks inherent with blockchain.
- Quantum computing—The implications and knowledge needed to understand a totally new technology stack are huge.
- The need to shift to data-centric organizations—Consider Disney, which has long been an entertainment, theme park and merchandise company. They are increasingly creating content and capturing data, and becoming truly data-centric.
Technology has truly changed the way we live and work for the past 50 years in which ISACA has been in existence —and the pace of change is only getting faster.
Where do you think technology will take us over the next decade?
From the days of determining how to secure and derive value from early computers to today’s challenges as organizations enact digital transformation, it has been a remarkable 50 years for ISACA’s professional community. That trajectory came into focus Monday during the 50th anniversary-themed “Spectrum of Professions” panel, part of ISACA’s 2019 North America CACS conference in Anaheim, California, USA.
Moderator Marios Damianides and panelists Kelly Lin, Jenai Marinkovic, Dean Kingsley, Paul Regopoulos and Andrew Tinseth took a decade-by-decade look at the advancement of technology before sizing up the challenges faced by governance, audit, risk and security professionals now and in the future.
“There’s been a lot of change in the past 50 years, and there’s going to be a lot more,” said Damianides, a past ISACA board chair. “The beautiful thing is we’ve been able to remain relevant.”
While much has changed in the realm of computers, information systems and technology – the panelists nostalgically recalled using Commodore 64s, early Apple computers and a range of other outmoded devices – Regopoulos emphasized some of the principles that have endured over the decades.
“There’s always going to be change, whether it’s a new topic, a new tool, a regulation, whatever it may be,” said Regopoulos, senior manager, information security audit, with The Walt Disney Company. “The fundamentals are always going to be what are the risks associated with them, and how do we respond?”
Kingsley, principal with Deloitte & Touche, said today’s professionals are uniquely positioned at the intersection of risk/governance and technology. While pursuing a technical career track in areas such as audit or cybersecurity are viable options, being mindful of the broader implications of technology on businesses, the economy and society can also make for exciting career options, he said.
“If you think about yourself first and foremost as a risk and governance professional who happens to focus on technology, I think that gives you so many options,” Kingsley said.
On the career progression front, Marinkovic said that those in attendance at the conference are logical candidates to advance into high-impact organizational roles such as chief information security officer and chief technology officer.
“The reason is that no one knows the business – the intersection of business and technology – better than auditors and better than security people,” Marinkovic said.
Citing the proliferation of sensors and the rise of artificial intelligence, Marinkovic finds the growing interplay between technology and biologic systems to be intriguing. She said there could be valuable lessons learned from a renewed focus on science.
“I would say it’s time for us to go back to our high school biology and start studying because there are a lot of things the natural world can teach us about this new world that we’re about to go into,” Marinkovic said.
Lin, AVP IT Audit Lead with East West Bank, said adaptability will be essential to excel amid the shifting technology landscape, providing the example of IT auditors needing to be able to add auditing cybersecurity to their traditional skill sets.
In his closing comment, Kingsley noted some of the major technology-related risks threatening society, and called on attendees to be part of the solution.
“Be brave and have an opinion,” Kingsley said. “It’s our time in the sun. … The world needs us. There’s never been a better time to be in this profession.”
On 25 April 2019, Microsoft passed the trillion-dollar market cap threshold and passed Apple as the most valuable company in the world.
Almost a year earlier, Satya Nadella, Microsoft’s CEO, talked about a new world vision that has helped propel the organization’s cloud and revenue growth. “It's amazing to think of a world as a computer,” Nadella said, referring to a planet filled with smartphones, Internet of Things devices and cloud computing.
And in a world that is a computer, Nadella has put AI at the heart of Microsoft’s business strategy: “AI is the run-time which is going to shape all of what we do going forward in terms of applications as well as the platform.”
The three dominant cloud vendors—Microsoft, Amazon and Google—are all aggressively selling AI offerings to enterprises today, weapons providers for a technology arms race. And by the looks of Microsoft’s latest earnings report for the second quarter of 2019, the strategy is working, led by phenomenal 76 percent Azure revenue growth.
Today, product teams can quickly take advantage of natural language processing (NLP), image recognition, machine learning, deep learning and a range of other AI services available in all the major clouds. Companies can add these technologies to their web sites, internal operations, applications and products—all imbued with the limitless speed and scalability of modern clouds.
With so much focus and availability of AI technologies, it’s important to understand how companies are positioned when it comes to AI—perhaps the most disruptive technology wave since the internet itself.
Companies embarking on AI projects and opportunities can be classified according to an AI maturity model.
At Level I, companies run AI programs that drive operational efficiency. These are the “dabblers” – companies that drive tens of billions in revenues a year but save only a couple million using AI to automate tasks previously done by human employees. Level I companies generally apply AI to internal opportunities with a clear cost-benefit analysis, like call center automation, and use AI services like NLP along with robotic process automation (RPAs) to eliminate manual repetitive work.
At Level II, companies run AI programs to drive significant earnings or revenue impact. These are the “practitioners.” They layer machine learning through their businesses and use it to transform user experience and customer value. They reimagine digital and even physical products with AI services, adding value and improving interactions at every turn.
At Level III, companies run AI programs that drive industry change and transformation. This is often the domain of big tech—the “experts.”
Facebook determines what we see in our feeds with AI. Apple uses AI and AI chips to power marquee iPhone features like Face ID and Siri. Microsoft, Amazon and Google sell their AI services to arm the rest of the world.
But companies in every industry have an opportunity to remake their worlds with AI technologies. Here are some questions to ask when you look at your internal AI initiatives to determine your level of AI maturity:
- Are you applying AI to a practical, internal project, with a clear target benefit? Then you are operating at Level I.
- Are you layering AI throughout your business, making a material difference in user experience, growth, revenues, or earnings? Then you are operating at Level II.
- Are you designing products that will redefine the future of your industry? Then you are operating at Level III.
If you haven’t started AI programs at all, you are at Level 0, and already falling fast behind the rest of the world.
In 10 years, the leading companies in nearly every industry will have taken full advantage of AI technologies to redefine their industry and solidify their positions. Companies need to use AI to drive disruption or will have competitors drive them to disruption.
Editor’s note: Jedidiah Yueh will be part of the “From Disruptive to Daily Dependence: 50 Years and Future Tech” panel on Tuesday, 14 May, at ISACA’s 2019 North America CACS conference in Anaheim, California, USA.
About the author: Jedidiah Yueh is the bestselling author of “Disrupt or Die,” a book that refutes conventional ideas on innovation with proven frameworks from Silicon Valley. Prior to his book, Jed put his frameworks to the test, leading two waves of disruption in data management, first as founding CEO of Avamar (sold to EMC in 2006 for $165M). Avamar pioneered data de-duplication and generated over $4B in cumulative sales. After Avamar, Jed founded Delphix, which accelerates enterprise data delivery for over 30% of the Global 100. In 2013, the San Francisco Business Times named Jed CEO of the Year. Jed has over 30 patents in data management and graduated Phi Beta Kappa, magna cum laude with a degree in English from Harvard.
The fast-changing technology and regulatory landscape calls for members of ISACA’s professional community to continually refresh their knowledge and training.
ISACA is committed to providing the needed resources for professionals and their enterprises to thrive in that change environment. In ISACA’s newly released 2018 Annual Report, find out how ISACA equipped its professional community for change throughout 2018, delivering resources such as a refresh to the COBIT framework, a new Cybersecurity Audit Certificate Program, an online hub of GDPR resources and much more.
As Rob Clyde, CISM, ISACA Board Chair wrote, “by embracing the importance of lifelong learning and diligently enabling the positive potential of technology, no matter what changes the future brings, we are poised to adapt, provide leadership in our fields of interest, and prosper.”
For more insights on how ISACA is working to help its professional community navigate change – including the full 2018 Annual Report and a related video – visit www.isaca.org/annualreport.
Editor’s note: Patrick Schwerdtfeger, closing keynote speaker at the GRC Conference 2019, to take place 12-14 August in Ft. Lauderdale, Florida, USA, is a business futurist specializing in technology topics such as artificial intelligence, blockchain and FinTech. Schwerdtfeger recently visited with ISACA Now to discuss how these and other components of digital transformation will reshape the business landscape going forward. The following is a transcript of the interview, edited for length and clarity:
ISACA Now: In what ways do you consider the human imprint on business to be most valuable as automation becomes increasingly commonplace?
Human interactions remain the foundation of almost every business, not only because humans are the ones making purchases, but also because humans are the ones controlling the delivery of products and services. In the near term, the risk is not that machines start acting more like humans; it’s that humans start acting more like machines. In order to have any longevity as a business, and loyalty from customers, businesses need to keep track of employee engagement levels, customer satisfaction levels and public perception levels.
ISACA Now: Do you think AI’s value will ultimately outweigh some of the potential malicious ways in which it can be misused?
Machine learning is affecting every industry segment, including cybersecurity. Hackers are using increasing sophisticated tactics to infiltrate corporate systems, whether to steal intellectual property, sell personal information, or extort money. These are scary propositions, and cybersecurity professionals are working overtime to stay ahead of malicious parties. Nevertheless, the same technology is poised to revolutionize every industry, delivering better outcomes for fewer dollars. The benefits of artificial intelligence and machine learning will vastly outweigh the risks. In the world of accounting and finance, in particular, the ongoing digital transformation will yield enormous efficiencies and reveal endless insights that businesses can use to enhance their business models.
ISACA Now: Social media certainly isn’t new anymore, but what might be a few new ways of approaching it that can provide organizations some quick wins?
The opportunities with social media have not changed and, similarly, the way in which most businesses fail to capitalize on social media have also not changed. Businesses typically use social media to announce promotions, describe products and/or services, and ask potential prospects to buy. Meanwhile, those are the worst possible messages for the social media medium. Social media is about human connection and telling stories. Social media posts should only provide value. They should never ask for anything – only give, give, give. Once the prospect has clicked on something to arrive on the business’ website, that’s when an offer can be made, not before. Companies can get some quick wins by developing a series of content pieces (including blog posts, white papers, videos, or PDF cheat sheets) to give away for free, and then present recipients with a compelling offer to engage on a deeper level.
ISACA Now: What are some overlooked ways in which organizations can make use of big data?
Big data offers endless possibilities for profitable insights. Each use case presents unique opportunities. However, it’s worth noting that the profitable use cases thus far have almost all involved predictive analytics. In other words, how can we evaluate existing data to anticipate future behavior? These days, companies are building increasingly complex models involving hundreds of different variables, to gain a better understanding of the customer or the process being analyzed. And since deep learning and reinforcement learning benefit from larger data sets, businesses are in a race to accumulate as much data as possible.
ISACA Now: What other technological trends do you expect to have the greatest business impact in the next 10 years?
The most impactful technology trends will all be driven by either (1) machine learning or (2) blockchain protocol. The machine learning trends include autonomous driving (Tesla, Waymo, Uber), cashier-less retail stores (Amazon GO stores), automated socialbot call centers (Google Duplex, Apple’s Siri, Amazon Alexa), and streamlined security checkpoints (airport security, etc.). The blockchain trends include more efficient supply chain systems (smart contracts, custom clearance), traceability and chain of custody (diamonds, GMO foods, title insurance), digital identity ledgers (ID2020, healthcare, KYC), and digital payments (Facebook cryptocurrency, Apple’s credit card, AliPay, WeChat Pay).