ISACA Now Blog


 ‭(Hidden)‬ Admin Links

Knowledge & Insights > ISACA Now

Cybersecurity is a Proactive Journey, Not a Destination

Mike Wons, Chief Client Officer, PayIt
Posted: 8/17/2018 4:02:00 PM | Category: Audit-Assurance | Permalink | Email this post

Mike WonsCybersecurity continues to grab spotlight and mindshare as it pertains to computing and social trends.

The topic itself is broad and expansive, and the true impact of this segment of computing will be around for generations to come. For strong perspective on where the industry stands in its current state, ISACA’s State of Cybersecurity 2018 research is a must-read. This report provides a great assessment of what needs to happen in the cybersecurity field to move from reactive to proactive.


The AI Calculus – Where Do Ethics Factor In?

Posted: 8/14/2018 2:39:00 PM | Category: ISACA | Permalink | Email this post

While artificial intelligence and machine learning deployment are on the rise – and generating plenty of buzz along the way – organizations face difficult decisions about how, where and when to introduce AI.

In a session Tuesday at the 2018 GRC Conference in Nashville, Tennessee, USA, co-presenters Kirsten Lloyd and Josh Elliot laid out many of the ethical considerations that should be part of those deliberations.

The pair detailed several instances of high-profile AI events over the past decade that highlighted the need to give ethical components of AI deployment a high level of focus early in a product or service’s design, as opposed to risking unforeseen fallout. The examples included the development of a controversial algorithm that predicted higher rates of recidivism for black defendants in the judicial system and a Stanford University study exploring how often AI could determine a person’s sexual orientation based on photos of their faces.


A Prominent Place at the Table for Rural Technological Advancements

Matt Loeb, CGEIT, CAE, FASAE, Chief Executive Officer, ISACA
Posted: 8/13/2018 2:54:00 PM | Category: Risk Management | Permalink | Email this post

Matt LoebWhen the general public thinks about today’s exciting technological breakthroughs, the imagery that springs to mind is unlikely to be a crowded pigpen in China or yam fields in the farmland of Nigeria. Yet, rural areas are the frontlines for some of the most important gains technology is enabling in modern society. The growing imprint of technology-driven advancements on the agriculture industry and in rural areas, generally, is one of the tech field’s most promising success stories.

Digital transformation is making its mark on the agriculture industry, with the Internet of Things, blockchain, robotics and drones among the technological forces that are helping to offset modern obstacles with which previous generations of farmers did not have to overcome. In the not-so-distant-past, farmers fretted about the weather, pests and their equipment – and that was about it. Today’s farmers must contend with a range of more sophisticated challenges, such as market volatility, international trade friction, serious labor shortages, borrowing costs and capital availability, and an increasingly complex regulatory environment.


Five Keys for Adaptive IT Compliance

Posted: 8/13/2018 2:35:00 PM | Category: Audit-Assurance | Permalink | Email this post

The fluid technology and regulatory landscape calls on IT compliance professionals to be more flexible and proactive than in the past to remain effective, according to Ralph Villanueva’s session on “How to Design and Implement an Adaptive IT Compliance Function,” Monday at the 2018 GRC Conference in Nashville, Tennessee, USA.

The IT compliance function serves as an important bridge between the audit and IT departments, in addition to articulating business-related IT and security initiatives to management, and recommending and implementing appropriate compliance frameworks.

Business model changes, legal considerations, government requirements and evolving industry regulations are among the common reasons that organizations may need to more frequently explore switching their frameworks than in the past. Villanueva, IT security and compliance analyst with Diamond Resorts, referenced the General Data Protection Regulation (GDPR), which became enforceable in May, as an example of a recent regulatory shift that could have significant compliance ramifications. Additionally, he cited industries such as banking, healthcare and gaming as having special requirements calling for the use of compliance frameworks.


An Overlooked Upside to Cybersecurity Roles – They’re Fun!

Frank Downs, Director and SME, ISACA Cyber Security Practice
Posted: 8/10/2018 11:08:00 AM | Category: Security | Permalink | Email this post

Frank DownsRecent surveys and studies have emerged that show interest in cybersecurity as a potential career field at uncomfortable lows. In fact, a recent ProtectWise report showed that only 9 percent of millennials indicate cybersecurity is a career they are interested in pursuing at some point in their lives. This disturbing finding has far-reaching potential consequences in a field that desperately needs a stronger workforce.

To understand these findings, the study posits several factors that could be to blame for the low level of interest, from lack of exposure to cybersecurity in school curricula, to lack of personal connections, such as relatives, in the relatively new field of cybersecurity. However, another element, often hushed, and rarely acknowledged, lurks throughout the field’s perception – lack of fun. Sadly, many people don’t consider cybersecurity as a “fun” field – and that’s a false assumption, as there are multiple elements that make cybersecurity an enjoyable career path. Considering the level of engagement cybersecurity professionals enjoy, the evolving nature of the profession, its constant relevance, growth rate, and pay, cybersecurity can be a fun field, as long as individuals give it a chance.

<< First   < Previous     Page: 1 of 201     Next >   Last >>

 About This Blog


This blog is intended to offer a way for ISACA leaders, constituents and staff to exchange information of interest pertinent to the association, the business environment and/or the profession.

The comments on this site are the author’s own and do not necessarily represent ISACA’s opinions or plans. ISACA does not endorse, monitor or control any links to external sites offered in this blog, and makes no warranty or statement regarding the content on those external sites.

Anyone posting comments on this site should ensure that the content remains on-topic and steers well clear of any statements that could be considered insensitive, offensive or threatening. Given ISACA’s global nature, the need to communicate in a way that is accessible and acceptable to many cultures should be taken into account. ISACA retains the right, at its sole discretion, to refuse content that is considered inappropriate.


To volunteer to write a blog or suggest a topic send an email here.