When I was installed as ISACA’s international president, I made three promises. I said we’d continue to effectively serve our members who work in audit and assurance, we would drive adoption and use of COBIT 5, and we would make cybersecurity a top focus. Cybersecurity has climbed its way to the top of many of our priority lists. And we at ISACA have listened. To best serve our members and the profession, we are committed to doing for cybersecurity what we have done—and continue to do—for assurance and governance.
This is a pivotal moment—an exciting time in our industry. The tremendous global impact that cybersecurity issues and threats are having is creating many new challenges and opportunities for all of us. These challenges and opportunities bring with them an urgent need for skilled professionals who can protect and defend enterprises worldwide. Experienced security professionals are key to the success of fighting against cyberadversaries. We learned a lot about that from the Cybersecurity Credentials Collaborative (C3), including CompTIA, GIAC, ISACA, (ISC) 2, and ISSA, who met at our North America ISRM conference in November. They discussed what organizations need from cybersecurity professionals and how to develop candidates to effectively fulfill these roles. As panel members pointed out, we are in era of cybersecurity, and security is everyone’s responsibility. The only way to win the battle is to inspire the whole society to work together and get things done effectively.
Accomplishing a secure business environment—meaning a work culture backing proactive risk management and accurate risk decision making—is the stepping stone toward reaching the risk management goals of an organization. To achieve it, you need an efficient enterprise risk management (ERM) software system, which looks into your business intricacies.
There are many ERM software products available in the market, but you need to pick out the one solution that facilitates the ERM requirements of your enterprise. The ERM software you choose should enable you to convert risk intelligence to support the development of your decisions.
After attending the White House Summit on Cybersecurity and Consumer Protection, I agree with the paradox raised by President Barack Obama—the very technology that can be used to do great good can also be used to imperil us and do great harm. The President labeled cybersecurity threats as one of the most serious economic national security challenges today.While the resolve of CEOs and government leaders for more global collaboration and information sharing was encouraging, I found it even more reassuring to hear them recognize the need for significantly more skilled cybersecurity professionals. Cyberattacks are damaging enough when intellectual property, personal information and emails are stolen; but the potential for attacks on water and electrical systems and even your car or pacemaker would be far more catastrophic. Cybersecurity is a matter of public safety and must be treated as such.
Q: Your new book came out today, and it’s called Future Crimes. What are these future crimes?
A: It is an understatement to say that there is a dark side to the countless technological advances that have benefited our world in immeasurable ways over the last decade. But did you know that hackers can remotely activate the baby monitor in your nursery to spy on your family? That thieves are tracking you on social media and plotting their home invasions based on those beautifully filtered vacation photos you posted on Instagram? That your new iPad camera, pretty much any kind of smart toy in your home and even your car can be hacked? And this is just the beginning of the tsunami of technological threats coming our way as robotics, artificial intelligence, synthetic biology, nanotechnology and quantum computing advance. In FUTURE CRIMES: Everything is Connected, Everyone is Vulnerable, and What We Can Do About It, I deliver a definitive look at the digital underground—exposing the alarming ways criminals, corporations and even countries are using new and emerging technologies against you—and how this makes all of us more vulnerable than we ever imagined.
Today’s business environment is fraught with risk. Economic, technology and market conditions affect organizations on a daily basis. The constantly “changing risk landscape” is a discussion point in headlines, industry forums, media outlets and board rooms. We are moving to a world where risk management will become the primary source of competitive advantage. Rather than avoiding risk, organizations need the ability to embrace risk with confidence.
Risk management will become the core capability which separates winners from losers. Organizations that understand and manage risk effectively will prosper, while those that cannot will fail. Success starts with the ability to manage operational risk in a manner that frees up resources to focus on the company’s long term, strategic objectives. This does not happen overnight.
This blog is intended to offer a way for ISACA leaders, constituents and staff to exchange information of interest pertinent to the association, the business environment and/or the profession.
The comments on this site are the author’s own and do not necessarily represent ISACA’s opinions or plans. ISACA does not endorse, monitor or control any links to external sites offered in this blog, and makes no warranty or statement regarding the content on those external sites.
Anyone posting comments on this site should ensure that the content remains on-topic and steers well clear of any statements that could be considered insensitive, offensive or threatening. Given ISACA’s global nature, the need to communicate in a way that is accessible and acceptable to many cultures should be taken into account. ISACA retains the right, at its sole discretion, to refuse content that is considered inappropriate.
To volunteer to write a blog or suggest a topic send an email here.