ISACA Now Blog


 ‭(Hidden)‬ Admin Links

Knowledge & Insights > ISACA Now

Fortune Favors the Tech-Savvy: A Portrait of Tomorrow’s Digital Transformation Enterprise Leaders

Matt Loeb, CGEIT, CAE, FASAE, Chief Executive Officer, ISACA
Posted: 12/13/2017 3:16:00 PM | Category: Risk Management | Permalink | Email this post

Matt LoebToday’s digital economy sees established enterprises competing against start-ups, all enterprises worried about risk, and smart enterprises deploying digital technologies capable of transforming their enterprise, and enabling better business-to-customer interactions and relationships.

Opportunity abounds; our global digital economy presents new possibilities almost daily. The problem is, not every enterprise is taking advantage of those opportunities. ISACA’s recently released Digital Transformation Barometer research shows that slightly less than a third of enterprises are making it a priority to evaluate the opportunities emerging digital technologies might bring on a frequent basis. That means more than two-thirds of enterprises aren’t realizing their full potential in the digital economy.


ISACA Awards: Recognizing Contributions Positively Impacting ISACA

Melissa Swartz, CAE, Volunteer Engagement Manager, ISACA
Posted: 12/12/2017 3:05:00 PM | Category: ISACA | Permalink | Email this post

Melissa SwartzAs ISACA’s volunteer engagement manager, I realize how fortunate I am to have found myself working for an organization bringing together some of the most passionate, dedicated and talented people I’ve ever encountered. Case in point: as I write this blog post from a hotel room, in between attending the Asia Pacific CACS conference and Asia Pacific Chapter Leader event in Dubai, and the GDPR Working Group meeting in Greece, I am awestruck at the thought leadership, volunteer leadership and industry leadership surrounding me at every turn, in every city, on every business trip I take.


Risk Analysis Inputs Critical in Assessing Vulnerabilities

Dominic Sellitto, Cybersecurity Consultant
Posted: 12/8/2017 3:05:00 PM | Category: Risk Management | Permalink | Email this post

Dominic SellittoThe fact is, new vulnerabilities come to light every day. Unfortunately, staying ahead of these new vulnerabilities, or otherwise addressing them promptly, has proven to be incredibly difficult (not to mention costly). The good news is, not all vulnerabilities impact every organization. But, for vulnerabilities that do apply, it often is difficult to make risk-based decisions to address them – do we mitigate, avoid, transfer, or accept them?

These decisions become a great deal easier when organizations include the likelihood of an exploit along with a vulnerability's impact as risk analysis inputs. In these cases, impact is often relatively straightforward. For example, we might consider legal, strategic, financial, operational, or reputational impacts or, as Common Vulnerability Scoring System (CVSS) does, we might consider impact to classic objectives like confidentiality, integrity and availability.


2018 Predictions for Cyber Security

Ravikumar Ramachandran, CISA, CISM, CGEIT, CRISC, CISSP-ISSAP, SSCP, CAP, PMP, CIA, CRMA, CFE, FCMA, CFA, CEH, ECSA, CHFI, MS (Fin), MBA (IT), COBIT-5 Implementer, Certified COBIT Assessor, ITIL-Expert & Practitioner, Account Security Officer, DXC Technology, India
Posted: 12/6/2017 3:02:00 PM | Category: Security | Permalink | Email this post

Ravikumar RamachandranWith rapid digitization and the inter-networked world leading to a huge data explosion combined with the relentless growth of transformative technologies, the importance of cyber security – now and in the future – is unquestionable.

As 2018 approaches, here are my top five predictions for cyber security in the coming year:

  • Huge demand for security professionals with evolving and grounded expertise
  • Stringent global regulations
  • Ransomware, DDoS attacks and cyber warfare
  • Explosion of threats, vulnerabilities and IoT
  • Privacy and ethics concerns for big data, and back to basics

Huge demand for security professionals with evolving and grounded expertise
Industry requires skilled cyber security professionals who can not only meet the current challenges, but also evolve continuously with the changing technology landscape and with the associated threats and vulnerabilities. Some of the top skills needed in the context of the evolving threat scenario are as follows:


The Shadow Brokers: Hacking Tool Proliferation

Blake Darche, CSO and Co-Founder, Area 1 Security
Posted: 12/5/2017 3:43:00 PM | Category: Security | Permalink | Email this post

Blake DarcheThe case of The Shadow Brokers, the group responsible for the disclosure of hacking tools created by “The Equation Group,” impacts the enterprise through the disclosure of hacking tools. These tools were repurposed by other hackers and resulted in several other cyberattacks, including WannaCry. The disclosed tool set includes exploits, windows, Linux and router/firewall tools. In essence, the tools are a hacking how-to for wannabe hackers, making even less sophisticated hackers more sophisticated.

<< First   < Previous     Page: 1 of 174     Next >   Last >>

 About This Blog


This blog is intended to offer a way for ISACA leaders, constituents and staff to exchange information of interest pertinent to the association, the business environment and/or the profession.

The comments on this site are the author’s own and do not necessarily represent ISACA’s opinions or plans. ISACA does not endorse, monitor or control any links to external sites offered in this blog, and makes no warranty or statement regarding the content on those external sites.

Anyone posting comments on this site should ensure that the content remains on-topic and steers well clear of any statements that could be considered insensitive, offensive or threatening. Given ISACA’s global nature, the need to communicate in a way that is accessible and acceptable to many cultures should be taken into account. ISACA retains the right, at its sole discretion, to refuse content that is considered inappropriate.


To volunteer to write a blog or suggest a topic send an email here.