ISACA Now Blog


 ‭(Hidden)‬ Admin Links

Knowledge & Insights > ISACA Now

Why the Healthcare Industry Is Behind on Cyber Security

Larry Alton, Writer,
Posted: 6/26/2017 3:11:00 PM | Category: Security | Permalink | Email this post

Larry AltonThere are few industries that need strong cyber security as much as the healthcare industry. Patients are often dealing with life-threatening conditions, exchanging large amounts of money and financial information, and must have their privacy protected when it comes to medical records.

Yet, healthcare is still one of the biggest targets for cybercriminals. In 2015 alone, according to IBM, there were over 100 million breaches of medical records. While some organizations are committed to patient privacy no matter what it takes, most healthcare organizations are behind in terms of cyber security adoption and advancement.


Successfully Outsourcing IT Requires an Approach for the Long Haul

Mohammed J. Khan, CISA, CRISC, CIPM, Global Audit Manager
Posted: 6/23/2017 3:02:00 PM | Category: Audit-Assurance | Permalink | Email this post

Mohammed KhanThe concept of outsourced IT isn’t new and certainly has taken off with full force in both the public and the private sectors. There are some obvious reasons, risks and rewards stemming from the outsourcing of any function within an enterprise. It is important that these are carefully assessed and understood before making decisions that could become a slow-moving hazard for the enterprise.

The strategic decisions made by the organization to outsource is made with the idea of partnering with a provider to reduce cost, drive efficiencies and utilize expertise from dynamic and experienced talent. If an enterprise is to be effective in meeting its objective and accomplishing its mission, it is important to identify key factors for a sound, end-to-end lifecycle of this agreement with the outsource provider. 


Digital Forensics Professionals Encountering New Challenges

Bill Dean, Senior Manager, LBMC Security
Posted: 6/21/2017 3:05:00 PM | Category: Privacy | Permalink | Email this post

Bill DeanWhen I began performing digital forensics more than 10 years ago, things were relatively simple. At that time, the complexity of digital forensics revolved around ensuring each artifact of relevance was identified, and the proper tools to analyze them were available to leverage against computers used by the suspect.

The computer(s) of the suspect were typically the only focus. In some instances, we were also having to deal with mailbox exports of corporate users. When mobile devices came onto the scene in 2008 timeframe, our single device analysis approach to investigations was disrupted significantly. What are these things? Why don’t my hard drive forensics tools work on phones? We “forensicators” had no idea what challenges we would face in the next decade.


In Era of Digital Disruption, ISACA is Ready to Rise to the Occasion

Theresa Grafenstine, CISA, CGEIT, CRISC, CPA, CISSP, CIA, CGMA, CGAP, chair of ISACA’s Board of Directors and inspector general of the U.S. House of Representatives 
Posted: 6/19/2017 7:48:00 AM | Category: ISACA | Permalink | Email this post

Theresa GrafenstineMuch of what I learned about being a professional – and being part of a professional community – came through my association with ISACA.

As the first person in my family to graduate from college, I entered the workforce hungry for the educational resources, networking and professional growth opportunities to make an impact. ISACA provided that and much more, allowing me to envision and embark upon a career trajectory that otherwise would not have been possible.

My professional development was accelerated by pursuing ISACA volunteer opportunities such as helping to coordinate local conferences, which allowed me to make valuable industry contacts and build my project management skills. Eventually I became president of ISACA’s Greater Washington DC Chapter, providing another important opportunity to expand my skill set and learn more about the audit and assurance, governance, risk, and information and cyber security professions. Serving on several ISACA committees and on the board of directors provided further enrichment, both professionally and personally, as I am fortunate to have built treasured relationships with many of ISACA’s 130,000-plus members worldwide.


Building Skills and Capacity in the Banking System: A Case Study From India

Sunil Bakshi, CISA, CISM, CRISC, CGEIT, Consultant
Posted: 6/16/2017 3:07:00 PM | Category: Certification | Permalink | Email this post

Indian banks have deployed IT-based solutions to cater to increasing demands in the banking industry required for a growing economy. Adoption of technology has necessitated improving IT-related skills of experienced bankers. Considering the unavailability of internal IT skills, most banks resort to outsourcing IT activities. This has resulted in over-relying on third-party vendors and slackened the pace of acquisition of skills by bank employees.

Considering these limitations, the Reserve Bank of India (RBI) – India’s central bank – appointed a ‘Committee on Capacity Building’ that has made recommendations relating to particular areas/components of function, such as recruitment, performance assessment, promotion, placement, job rotation, and skills and capacity building. The committee also has made a number of recommendations for certification of staff in specialized areas, emphasizing that banks should make certification mandatory for the following areas:

<< First   < Previous     Page: 1 of 155     Next >   Last >>

 About This Blog


This blog is intended to offer a way for ISACA leaders, constituents and staff to exchange information of interest pertinent to the association, the business environment and/or the profession.

The comments on this site are the author’s own and do not necessarily represent ISACA’s opinions or plans. ISACA does not endorse, monitor or control any links to external sites offered in this blog, and makes no warranty or statement regarding the content on those external sites.

Anyone posting comments on this site should ensure that the content remains on-topic and steers well clear of any statements that could be considered insensitive, offensive or threatening. Given ISACA’s global nature, the need to communicate in a way that is accessible and acceptable to many cultures should be taken into account. ISACA retains the right, at its sole discretion, to refuse content that is considered inappropriate.


To volunteer to write a blog or suggest a topic send an email here.