The ISACA Podcast gives you insight into the latest regulations, trends and threats experienced by information systems auditors and governance and security professionals. Whether you are beginning your career or have decades of experience, the ISACA Podcast can help you be better equipped to address industry challenges and embrace opportunities.
…
continue reading
SAP systems are treated differently than many other enterprise applications from a cybersecurity perspective. Most SAP security teams are siloed and left to meet security objectives on their own. Since SAP is so integral to organizations, it is unusual for SAP security objectives to not be on the radar of an existing 24/7 cybersecurity team executi…
…
continue reading
1
What Enterprises Need to Know About ChatGPT and Cybersecurity
21:44
21:44
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
21:44
Many people are pondering whether generative artificial intelligence (AI) tool ChatGPT is a friend or a foe. In this ISACA podcast episode, Camelot Secure Director of Solutions Engineering Zachary Folks discusses not only his view of how ChatGPT can be considered an evolution of the encyclopedia, but importantly how it is aiding cybersecurity profe…
…
continue reading
1
The Cyber Standard Podcast - Episode 4
48:45
48:45
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
48:45
Welcome to Episode 4 of "The Cyber Standard Podcast"! Join host Ameet Jugnauth, Vice President of the London Chapter of ISACA, as he delves into the world of cybersecurity standardization. In this episode, titled "Becoming a License Body," Ameet is joined by esteemed guests Bryan Lillie, Strategic Technical Lead at the UK Cyber Security Council, an…
…
continue reading
1
The Cyber Standard Podcast - Episode 3
55:25
55:25
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
55:25
Welcome to Episode 3 of "The Cyber Standard Podcast"! Join host Ameet Jugnauth, Vice President of the London Chapter of ISACA, as he delves into the essential aspects of applying for and assessing candidates in the cybersecurity field. In this episode, titled "How to Apply," Ameet is joined by distinguished guests Ethan Duffell, representing the UK…
…
continue reading
1
Effective Third Party Risk Management in 2024: AI’s Impact and Future Trends
31:23
31:23
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
31:23
Traditional security questionnaires just aren't cutting it anymore. Tune into this ISACA Podcast episode, Chris McGowan chats with VISO TRUST CEO and Co-founder, Paul Valente as they delve into the evolving landscape of Third-Party Risk Management (TPRM), exposing the limitations of current methods and exploring how emerging AI trends are shaping a…
…
continue reading
1
Unlocking Strategic Value from a Bug Bounty Program
27:14
27:14
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
27:14
Are you curious about how to maximize the strategic value and impact of your bug bounty program? In this episode, you can learn how Adobe continuously develops and improves its bounty program to engage security researchers and hackers globally and improve its security posture from an adversary perspective. In this ISACA Podcast, Chris McGown, ISACA…
…
continue reading
1
The Cyber Standard Podcast - Episode 2
42:35
42:35
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
42:35
Welcome to Episode 2 of "The Cyber Standard Podcast"! Join host Ameet Jugnauth, Vice President of the London Chapter of ISACA, as he delves into the intricacies of cybersecurity standardization. In this episode, titled "Audit and Assurance," Ameet is joined by esteemed guests Leanne Sperry, Project Manager for Standards Development at the UK Cyber …
…
continue reading
1
The Cyber Standard Podcast - Episode 1
41:39
41:39
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
41:39
Tune in to the inaugural episode of "The Cyber Standard Podcast," “The Vision!” Join host Ameet Jugnauth as he interviews Robin Lyons, ISACA Principal, IT Audit Professional Practices, and Annmarie Dann, Director of Professional Standards at the UK Cyber Security Council, in a compelling discussion about the standardization of specialisms in cybers…
…
continue reading
1
Measuring Security Risk Against Dynamic Threats
28:34
28:34
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
28:34
Getting dressed is a routine example of everyday life packed with choices. Should I wear pants or shorts? Do I need a sweater? Shoes or sandals? While we often make these choices subconsciously, even actions that don’t appear as choices include several microscopic risk-based calculations. These judgments are executed based on some estimate of risk,…
…
continue reading
1
Reflecting on 25 Years of Information Security Matters
13:54
13:54
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
13:54
ISACA recently marked the 25th anniversary of Steve Ross’ ISACA Journal Information Security Matters column. Over the last quarter century, technology, security, and the workforce have evolved, while certain challenges remain the same. In this ISACA Podcast episode, Safia Kazi speaks to Steve about how he started writing for the Journal, societal s…
…
continue reading
1
A View into CTEM Exposure Management: Reducing your Attack Surface 3x
43:00
43:00
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
43:00
Organizations can no longer rely on legacy vulnerability management solutions to protect against even basic attacks. Instead, vulnerability management is just one small component in a unified continuous threat exposure management (CTEM) approach to securing an enterprise from malicious intruders and ransomware. In addition to vulnerability manageme…
…
continue reading
1
Leveraging Agile Concepts for Neurodiverse Auditors
28:43
28:43
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
28:43
In this ISACA Podcast episode, we’ll delve into how leveraging Agile concepts can mitigate common challenges neurodiverse auditors face in the workplace. Neurodivergent auditors can bring a fresh and dynamic energy to projects if given appropriate accommodation. Join us as ISACA's Robin Lyons chats with Program External Audit IT Program Manager Ama…
…
continue reading
1
Minimizing Risk and Audit Requests
21:16
21:16
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
21:16
With the increasing demand for audits and risk assessments, artifact requests will not be going away anytime soon. However, the burden these activities bring to the organization can be drastically reduced when audit and risk work together. In this ISACA Podcast episode, Paul Phillips, Director of Event Content Development at ISACA, hosts Staff Gove…
…
continue reading
1
Issue Management Confidential: Tools and Best Practices for Improving IT Issue Management
28:40
28:40
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
28:40
Effective IT issue management is crucial for organizations to mitigate financial loss, reputational damage, and operational disruptions. Issue management tools streamline the process by tracking and resolving issues, while risk rating helps prioritize responses based on their impact and likelihood. In this ISACA Podcast episode, ISACA's GRC Profess…
…
continue reading
1
Improving Security while Enabling Market Access with CCF
22:22
22:22
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
22:22
Software-as-a-Service (SaaS) providers continue to face increasing customer demand to attain security compliance certifications that demonstrate commitment to security, privacy, confidentiality, and more. Pursuing every national and international certification individually results in a repetitive cycle of ongoing walkthroughs, interviews, testing, …
…
continue reading
1
Scaling Your Threat Modeling Program
18:45
18:45
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
18:45
Understanding product security risk starts before a single code line is written. Teams can discover threats to the architecture of a system early in the development life cycle with Threat Modeling. While it’s not a new concept, how do we transform traditional ways of Threat Modeling to meet the complexities of modern software development at scale? …
…
continue reading
1
Secure your Supply Chain with an Effective Vendor Security Program
15:43
15:43
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
15:43
Security risks introduced by vendors have become a top-of-mind concern for executives today, driven by recent supply chain incidents that have exposed organizations to operational and reputational risks. A robust vendor security program is now a must, as it helps ensure compliance and proactively identifies and mitigates these risks throughout the …
…
continue reading
1
Cultivating Inspired Leaders with Kristi Hedges
21:11
21:11
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
21:11
If we want people to bring their most creative, innovative selves to work, we need to cultivate a culture where inspiration is given, encouraged, and fostered. In this ISACA Podcast, Kristi Hedges, executive coach, and leadership development consultant, speaker, and author, gives a sneak peek of her upcoming member-exclusive 'Cultivating Inspired L…
…
continue reading
1
Exploring the Benefits of Neurodiversity within Cybersecurity
33:58
33:58
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
33:58
Neurodiversity within cybersecurity offers many benefits but requires organizations and hiring managers to re-evaluate hiring practices and job descriptions typically structured for neurotypical applicants. Join ISACA's Director of Professional Practices and Innovation as he hosts a conversation with a company helping to remove barriers and maximiz…
…
continue reading
1
Internal Audits That Create Stakeholder Value Adopting an Agile Mindset
22:09
22:09
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
22:09
Agile Scrum is a lightweight framework that promises to significantly improve internal audits by creating a mindset that generates stakeholder value through adaptive solutions for complex auditing problems. This mindset is needed as organizations face unprecedented changes and pressures in today's business landscape. Internal audits must keep leade…
…
continue reading
Chronic workplace stress can lead to burnout, which poses a significant risk to the mental health of busy professionals, such as auditors. But how can these professionals protect themselves from burnout? And how can their employers help them do so? If you are interested in learning the answers to these questions, then watch as ISACA’s Robin Lyons a…
…
continue reading
1
The Danger of Distraction in Augmented Reality
21:35
21:35
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
21:35
While users of technology are becoming more educated in how to avoid cyberattacks such as phishing, a distracted user might be more prone to missing signs of social engineering. This project explored whether users immersed in augmented reality applications were more inclined to fall for an on-screen text message that prompted familiarity (such as a…
…
continue reading
1
Managing Human Risk Requires More Than Just Awareness Training
21:22
21:22
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
21:22
A comprehensive information security awareness program must be in place to ensure that employees are aware of and educated about the threats they may encounter at the workplace. The workforce needs to be prepared to know how to respond to these threats. It all starts with a risk assessment to identity the most critical of risks that need to be miti…
…
continue reading
1
Preparing for Interruptions, Disruptions and Emergence Events
36:00
36:00
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
36:00
This podcast speaks about how an Information Systems (IS) Auditor can prepare for the Interruptions, Disruptions and the Emergence events that happen to the business and to technology. Describing the features of Interruptions, Disruptions and Emergence events and distinguishing the differences between them, special guest Anantha Sayana outlines how…
…
continue reading
1
IS Audit in Practice: Data Integrity On Demand
41:21
41:21
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
41:21
On this podcast, ISACA's Hollee Mangrum-Willis and special guest Cindy Baxter discuss the disparities between American communities and access to electronic health records. From there, they examine how key data insights from the ISACA community can help us all be healthier.द्वारा ISACA Podcast
…
continue reading
1
ISACA Live | Digital Trust Priorities for Privacy and Emerging Tech
28:54
28:54
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
28:54
ISACA Digital Trust Advisory Council Members Anne Toth and Michelle Finneran Dennedy will discuss privacy concerns and priorities around emerging tech and the most critical considerations for ensuring strong digital trust. Hosted by ISACA's Safia Kazi.द्वारा ISACA Podcast
…
continue reading
1
Processes of Engagement with Scott Gould
23:56
23:56
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
23:56
Scott Gould is the author of 'The Shape of Engagement: The Simple Process Behind how Engagement Works.' In this podcast, Scott gives a sneak peak at his upcoming member-exclusive, CPE-eligible event. Scott will discuss the essential frameworks for understanding and operationalizing engagement and building enduring connections with your networks and…
…
continue reading
1
Delivering Security Value to Product Teams Using the Power of Data
22:00
22:00
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
22:00
In security, aligning with product teams has never been more important, especially when outmaneuvering adversaries. To foster a truly productive and action-oriented cybersecurity culture, security teams must begin addressing their product engineering counterparts as customers they serve rather than entities they govern. In this podcast, ISACA’s Chr…
…
continue reading
1
AI Ethics and the Role of IT Auditors
30:08
30:08
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
30:08
We, as a society, have always lived by certain norms that are driven by our communities. These norms are enforced by rules and regulations, societal influence and public interactions. But is the same true for artificial intelligence (AI)? In this podcast we discuss and explore the answers to some of the key questions related to the rapid adoption o…
…
continue reading
1
Using a Risk-Based Approach to Prioritize Vulnerability Remediation
27:53
27:53
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
27:53
Organizations today struggle with vulnerability management. More specifically, remediating vulnerabilities in a timely manner poses a challenge. With vulnerability remediation backlogs growing at an alarming rate, what can organizations do to meet their established remediation timelines and to protect the organization from cybersecurity threats. Cy…
…
continue reading
Guests Jack Freund and Natalie Jorion discuss the need for additional data for quantitative risk analyses and methods to derive that data when it does not exist. They cover how this was done in the past and their updated method for interpolation of such data from record losses and other firmographic data. They end with a discussion of the role of m…
…
continue reading
1
2023 IT Compliance and Risk Benchmark Report
24:39
24:39
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
24:39
Are you wondering about the ever-changing landscape of IT compliance and risk management? Look no further. Hyperproof, a leading SaaS compliance operations provider, conducts an annual survey of over 1,000 IT risk, compliance, and security professionals to uncover their top challenges. Tune in to this exclusive episode to hear about the top five mo…
…
continue reading
1
What Kind of Glasses Are You Wearing? Your View of Risk May Be Your Biggest Risk of All
28:02
28:02
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
28:02
The world of business has changed dramatically over the past few years. Our digital world is more connected than ever, leaving security and technology teams stretched even thinner. Privacy and data regulations are increasing on a state and national level, threat actors are learning and evolving, and cybersecurity has finally become a boardroom prio…
…
continue reading
1
How Organizations Can Consistently Reduce Cyberrisk
32:26
32:26
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
32:26
Cyber threats are now a “clear and present danger” to most organizations, companies and governments of the world. A good cyber defense involves many, intricate layers. You can never have enough layers, just like you can never remove all the risk. In order for organizations to reduce as much risk as possible, in a rapidly shifting threat landscape, …
…
continue reading
1
Key Considerations for Conducting Remote IT Audits
16:56
16:56
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
16:56
Conducting adequate preparation including risk assessments, assessing resource requirements and ensuring ongoing communication to harness both the benefits and to address the potential challenges faced when conducting hybrid or fully virtual audits.द्वारा ISACA Podcast
…
continue reading
1
Seven Things to Know Before Automating IT General Control Audits
33:46
33:46
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
33:46
This podcast is a practical discussion with two IT Internal Auditors, Frans Geldenhuys and Gustav Silvo, that have automated IT General Controls across their highly diversified and decentralized group. They will share some of the pitfalls they have experienced in their automation roll out and advise on how to avoid or manage these pitfalls with hos…
…
continue reading
1
Understanding, Assessing, Aligning and Transforming Organizational Culture
29:03
29:03
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
29:03
Organizational culture is crucial because it shapes behaviors and attitudes in the workplace, which can profoundly impact operations and overall success. However, it is sometimes difficult for CISOs and other infosec managers to fully understand their culture because they are inside it constantly. In this ISACA Podcast episode, author and journalis…
…
continue reading
1
Topics in Emerging Technology, Governance and Ethics
33:13
33:13
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
33:13
What are the primary risks associated with the adoption of emerging technologies, particularly during periods of high market volatility and changing governance requirements? We talk with Samuel Zaruba Smith, PhD(c) about his learnings from working in government regulated industries and emerging technology. We deep dive into the problems of business…
…
continue reading
1
Industry Spotlight - Julia Kanouse
21:54
21:54
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
21:54
Get to know Chief Membership and Marketing Officer Julia Kanouse as she sits down with childhood best friend and ISACA VP Amanda Raible. The duo discuss everything from leadership to motherhood while competing in Mario Kart! Tune in!द्वारा ISACA Podcast
…
continue reading
1
What Is Your IP Address Cybersecurity IQ? The Role of IP Address Data in a Digital World
28:20
28:20
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
28:20
There are literally thousands of VPN services on the market. Some are undeniably benign, but others offer a slate of features that are friendly to cyber criminals. Keeping your network safe from hackers requires you to understand the VPN market, and make decisions based on your company’s appetite for risk. Fortunately, by analyzing IP address data …
…
continue reading
1
The Future of Technology Risk: 4 Ways to Build Stakeholder Trust in the Technology Risk Imperative
25:32
25:32
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
25:32
Today, the pace of change across industries is quicker than ever before. Economic, political, and social unrest and a global climate crisis have placed unprecedented disruption and pressures on organizations looking to navigate a rapidly changing environment. Firms are being out-innovated and entire industries are being disrupted in a matter of mon…
…
continue reading
1
Measuring Security Resilience from the Lens of the Adversary Community
21:37
21:37
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
21:37
In a world where adversaries are constantly adapting to improve tactics, techniques, and procedures (TTPs), it is crucial to understand the unique traits and goals of various types of adversaries that actively seek to cause harm to an organization. The personification of these threats will ultimately help measure resilience against specific threat …
…
continue reading
For the average person, life moves quickly. But for business leaders and anyone involved in any aspect of IT, the pace at which technology is changing is overwhelming. Technology can help businesses and individuals do more with less and increase profit margins. However, technological advances carry tremendous risk and increase the criticality of ri…
…
continue reading
1
Building Digital Trust Through Advocacy
28:02
28:02
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
28:02
If you thought ISACA was only about certification and education, get ready to listen to this podcast and see how ISACA advocates for the IT Audit and Risk Management professions! Join Cindy Baxter, author of the Audit in Practice column in the ISACA Journal, as she interviews two members of the ISACA New England Board of Directors who attended ISAC…
…
continue reading
In this episode, executive principal at Risk Masters International’s Steven Ross discusses why vendors of IT products and services are advertising information security, why businesses are not advertising their security and how to use information security as a component of organizations’ public images with host Safia Kazi.…
…
continue reading
SaaS is eating the world even more than we think. Companies are dealing with SaaS sprawl: hundreds of apps distributed across different owners that store sensitive data and which are used to orchestrate critical business workflows. Security-minded teams are turning to external compliance frameworks to help protect their customers and data. However,…
…
continue reading
A review of the events of 2022 shows that 2023 will not be the year of dire new cyber attacks waged by hoodie-wearing cyber criminals or office-bound nation-state APTs. Instead, 2023 will be when multiple regulatory bodies express their mounting frustration with public and private companies' collective inability to reduce the volume and impact of p…
…
continue reading
1
Improving Cyber Resilience in an Age of Continuous Attacks
32:26
32:26
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
32:26
We live in the age of continuous compromise. This podcast dives into why so many organizations continue to be breached even after spending money on cybersecurity point solutions. Many organizations gravitate towards silver bullet solutions without understanding the threat and impact. In this ISACA Podcast episode, Chris McGown speaks to Rex Johnson…
…
continue reading
1
Advancing Digital Trust Through Audit and Assurance
25:30
25:30
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
25:30
A strong audit and assurance function is critical to achieving digital trust in an organization. This conversation spotlights audit's role in digital trust and outlines key priorities. It also shares new ISACA resources for auditors. For more information, go to https://isaca.org/digital-trustद्वारा ISACA Podcast
…
continue reading
1
ISACA Live_Critical Infrastructure Security
26:48
26:48
बाद में चलाएं
बाद में चलाएं
सूचियाँ
पसंद
पसंद
26:48
ISACA's Chris Dimitriadis and the US GAO's Nick Marinos discuss the current state of critical infrastructure security, escalating threats and how to better prepare. For more information check out www.isaca.org/heightened-threatsद्वारा ISACA Podcast
…
continue reading