
Volume 2, 2019

This Week's Online-Exclusive Feature

Enterprise Transformation to Cyberresiliency

24 April 2019
Robert Putrus, CISM, CFE, CMC, PE, PMP

Serious cyberbreaches with criminal intent and attacks on enterprises are becoming more alarming due to their scale, magnitude of severity and progressive consequences. The average cost of each lost record rose from US $141 to US $148, the average cost of a breach of 1 million records was nearly US $40 million, and the cost of a breach of 50 million records was estimated to be US $350 million. The average time to detect and contain a mega breach was 365 days.

These malicious attacks will continue to trend upward due to the integration of enterprises’ supply chain, organizations having a multinational presence, the availability of tools to carry out these attacks, the success and rewards of attacks and, above all, the harm that can be done by attacks that are state sponsored.




This Week's Featured Blog


The Impact of the Thailand Cybersecurity Law
22 April 2019
Nipon Nachin, CISA, CISM, CISSP, CEPAS DPO, PCI QSA, and Ekkorn Rattanaekkawin, CEPAS DPO

In the past 5 years, the cybersecurity agenda has been raised and discussed in many forums because cyberattacks have been developed for various purposes, and the number of cybersecurity incidents or data breaches has increased dramatically every year. After major incidents around the world in the past few years, cyberattacks have caused several impacts on public services, business and people, and have even led to accusations of cybercrime from others. Therefore, many countries, such as the United Kingdom, Germany, Estonia, Australia, Canada and Singapore, have developed and issued laws to take action on cybersecurity, such as the national strategy, guidelines of implementation and reporting. Generally, all cybersecurity acts focus on industries identified as critical infrastructure (CI) or critical information infrastructure (CII) of the nations, such as national security, financial, telecommunication, public transportation and logistics, healthcare and energy sectors.




What's New for Nonmembers

IS Audit Basics Articles

Auditing Cybersecurity

Assurance Considerations for Ongoing GDPR Conformance

Affect What Is Next Now

Auditing the IoT

Add Value to What Is Valued

Auditing Data Privacy


Full Journal Issues

Volume 2, 2018 Innovation Governance

Volume 1, 2018 The Future of Data Protection

Volume 6, 2017 Transforming Data

Volume 5, 2017 Enabling the Speed of Business

Volume 4, 2017 Mobile Workforce

Volume 3, 2017 The Internet of Things

Sponsored Feature Articles

Why Security Product Investments Are Not Working

Why Attackers Are Turning Their Attention Toward ERP Applications

Innovating Internal Audit to Unlock Value

Centralized, Model-Driven Visibility Key to IT-OT Security Management

The AICPA’s New Cybersecurity Attestation Reporting Framework Will Benefit a Variety of Key Stakeholders

Indicators of Exposure and Attack Surface Visualization