ISACA Now Blog


 ‭(Hidden)‬ Admin Links

Knowledge Center > ISACA Now

Closing the cybersecurity skills gap

Eddie Schwartz, CISA, CISM Posted: 4/16/2015 7:45:00 AM | Category: Audit-Assurance | Permanlink | Email this post

Organizations are realizing that it is not a matter of if a cyberattack will occur against their enterprises; it is a matter of when. This realization is causing executives and board members to take a growing interest in what is being done to protect and defend their top non-human asset: information. Support for growth in cybersecurity staffing is here; the problem is that the pool of skilled cybersecurity talent is facing a drought.

To address the global cybersecurity skills shortage, ISACA has launched a portfolio of innovative skills-based cybersecurity training courses and performance-based exams and certifications, through its Cybersecurity Nexus (CSX). These new CSX certifications are providing a benchmark that will help shape the future of cybersecurity hiring and the career progression of cybersecurity professionals. CSX will help assure cybersecurity pros that they can keep their skills sharp in the face of evolving threats, changing technology, and highly motivated adversaries who seem to get cleverer every minute. Organizations will have assurance that candidates have the right skills to address cybersecurity incidents from day one on the job, and that their security teams have the most important and current skills, knowledge and advanced capabilities.

This ISACA effort is critical, as 82 percent of organizations expect to experience a cyberattack in 2015. But, they feel they are relying on a workforce that is not qualified to handle complex threats, according to the State of Cybersecurity: Implications for 2015 survey from ISACA and RSA Conference. The results also revealed that 35 percent are unable to fill open cybersecurity positions.


International President: Addressing the current state of cybersecurity

Robert E Stroud, CGEIT, CRISC Posted: 4/14/2015 7:43:00 AM | Category: Security | Permanlink | Email this post

It is no secret that more and more organizations are experiencing cyberattacks, and many go undetected for lengths of time. ISACA and RSA recently joined forces on the State of Cybersecurity: Implications for 2015 survey, which uncovers issues surrounding hacks, cyberattacks, security positions, budgets and policies. As threats grow in number and complexity, it is important that organizations are equipped with the right information, team and resources to address the issues.


Becoming CISM: Tips for revision and exam day success

Darren Hampton, CISM Posted: 4/7/2015 3:02:00 PM | Category: Certification | Permanlink | Email this post

The CISM examination is difficult. Not only is there a lot of material to know and revise, but the exam is long—at four hours, it is much longer than many of us will have experienced during our formal education. Here are some tips from my own experience to help you through the ISACA exam process for all certifications.


Start with the practice exam in the CISM review book. You will find it to be hard work. I had to force myself to read each question carefully towards the end. Self-marking this exam identifies the areas for improvement in revision. Going through these questions will help you to understand the question format on the exam. These questions are not actual or even retired questions from an exam.


The cost to a CFO of ignoring the obvious

Jeremy Sucharski, CISA, CRISC Posted: 4/2/2015 3:06:00 PM | Category: Audit-Assurance | Permanlink | Email this post

Companies pay a high price for assuming existing safeguards will prevent a data breach. According to a CB Insights article, Cybersecurity Startups Have Raised $7.3 Billion Over 1,028 Deals, a litany of high-profile security breaches impacting both the private and public sector have made cybersecurity start-ups an increasingly hot area for investment. Since 2010, deals and dollars increased steadily growing by more than 100 percent in both areas. Funding in 2014 broke the US $2 billion barrier for the first time, while deals continued their steady ascent, growing 4.3 percent from 2013 to 269 deals.


An ISACA topic leader’s journey

Ian Cooke, CISA, CGEIT, CRISC, COBIT Foundation, CFE, CPTS, DipFM, ITIL-F, Six Sigma Green Belt Posted: 3/31/2015 3:08:00 PM | Category: ISACA | Permanlink | Email this post

I remember the first time I saw ISACA International President Robert E Stroud talk. I was really impressed by his knowledge and how he engaged with the audience. I remember thinking, ‘I wish I could do that!’

I am not Robert and I do not have his confidence in front of an audience, but I do have considerable experience in IT and IT audit, and with that comes knowledge. I wanted to participate and give something back to the profession, so I decided to volunteer as a “topic leader” in the ISACA Knowledge Center.

The ISACA Knowledge Center is a professional networking and knowledge meeting place for professionals who share common professional interests. It can help participants build a new understanding through exchanging information and experiences on more than 100 IT-related topics.

<< First   < Previous     Page: 1 of 95     Next >   Last >>

 About This Blog


This blog is intended to offer a way for ISACA leaders, constituents and staff to exchange information of interest pertinent to the association, the business environment and/or the profession.

The comments on this site are the author’s own and do not necessarily represent ISACA’s opinions or plans. ISACA does not endorse, monitor or control any links to external sites offered in this blog, and makes no warranty or statement regarding the content on those external sites.

Anyone posting comments on this site should ensure that the content remains on-topic and steers well clear of any statements that could be considered insensitive, offensive or threatening. Given ISACA’s global nature, the need to communicate in a way that is accessible and acceptable to many cultures should be taken into account. ISACA retains the right, at its sole discretion, to refuse content that is considered inappropriate.


To volunteer to write a blog or suggest a topic send an email here.