journal header

Volume 3, 2017

This Week's Online-Exclusive Feature

Breach Your Castle for Better Security

Breach Your Castle for Better Security
21 June 2017
Danelle Au

Asymmetric warfare is “the application of dissimilar strategies, tactics, capabilities and approaches used to circumvent or negate an opponent’s strengths while exploiting his weaknesses.” Similar to guerrilla or unconventional warfare, the term implies a conflict between opponents of widely disparate resources and capabilities. Asymmetric warfare is often characterized by a small, resourceful and determined force fighting a much larger, technologically advanced and organized army. The objective of asymmetric warfare is not to overwhelm the enemy, but to harass and weary the enemy until the cost of victory becomes untenable.

Security has become a kind of disproportional war, in which defenders are engaged in a constant fight and face difficult odds. Read More >>

Indicates Online-Exclusive Content



Podcast  New!
ISACA Journal Volume 1 Podcast

The Automation Conundrum

This Week's Featured Blog

Danelle AuUsing Hackers’ Own Tools Against Them
26 June 2017
Danelle Au

There is a certain satisfaction that comes from turning the tables on a seemingly unbeatable adversary. Luke Skywalker exploited a design flaw to destroy the Death Star. Rocky Balboa exploited Ivan Drago’s arrogance to win a boxing round. Sarah Connor exploited a reprogrammed Arnold Schwarzenegger to beat the T-1000 in Terminator 2.

In cyber security, the hacker community often seems as evil as Darth Vader, as cold as Ivan Drago and as relentless as the Terminator. Read More >>

Indicates Online-Exclusive Content



What's New for Nonmembers

IS Audit Basics Articles

The Soft Skills Challenge, Part 7

Data Management Body of Knowledge—A Summary for Auditors

Risk-based Audit Planning for Beginners

The Auditors, IS/IT Policies and Compliance

Preparing for Auditing New Risk, Part 2

Preparing for Auditing New Risk, Part 1


Full Journal Issues

Volume 3, 2016 Data Privacy

Volume 2, 2016 Project Management: Methodologies and Associated Risk

Volume 1, 2016 Transforming the Auditor

Volume 6, 2015 The Internet of Things

Volume 5, 2015 Cybersecurity

Volume 4, 2015 Regulations & Compliance