journal header

Volume 4, 2016

This Week's Online-Exclusive Feature

Book Review—Advanced Persistent Threats: How to Manage the Risk to Your Business
17 August 2016
ISACA | Reviewed by Larry Marks, CISA, CISM, CGEIT, CRISC, CFE, CISSP, CSTE, ITIL, PMP

What are advanced persistent threats (APTs)? What is their impact? An APT is a specific targeted and sophisticated attack that keeps coming after the victim and is not easily stopped by a defensive program. Everyone is at risk for these attacks, and they make it necessary to prevent, detect and respond to attacks on a timely basis to ensure the confidentiality, integrity and availability of critical data.

The Trojan horse malware package Zeus, which was identified about nine years ago, is used to steal credentials for banking and credit card payments or for logging into a social network. Read More >>

Indicates Online-Exclusive Content

 

 


This Week's Featured Blog

While You Are Away From Home
22 August 2016
Amgad Gamal, CISA, COBIT Foundation CEH, CHFI, CISSP, ECSA, ISO 27000 LA, ISO 20000 Lead Practitioner, MCDBA, MCITP, MCP, MCSE, MCT, PRINCE2 Foundation/Practitioner

Amgad Gamal, CISA, COBIT Foundation CEH, CHFI, CISSP, ECSA, ISO 27000 LA, ISO 20000 Lead Practitioner, MCDBA, MCITP, MCP, MCSE, MCT, PRINCE2 Foundation/Practitioner, has more than 18 years of experience in service management and information security in more than 8 international companies and organizations. Gamal is currently the regional IT manager for Middle East and Eurasia region in one of the biggest international non-profit non-governmental organizations worldwide.

You may require Internet access while traveling, commuting, attending an external meeting or while on vacation. However, this type of connection can pose a security risk. Read More >>

Indicates Online-Exclusive Content

 

 


What's New for Nonmembers

IS Audit Basics Articles

Elements of an IS/IT Audit Strategy, Part 1

Auditing IS/IT Risk Management, Part 3

Auditing IS/IT Risk Management, Part 2

Auditing IS/IT Risk Management, Part 1

Is There Such a Thing as a Bad IS Auditor? Part 2

Is There Such a Thing as a Bad IS Auditor? Part 1

 

Full Journal Issues

Volume 4, 2015 Regulations & Compliance

Volume 3, 2015 Governance and Management of Enterprise IT (GEIT)

Volume 2, 2015 Opportunities and Challenges of New Technology

Volume 1, 2015 Analytics and Risk Intelligence

Volume 6, 2014 Cybersecurity

Volume 5, 2014 Mobile Devices