Top IT Security Bloggers

Isaca
  • Free Member Download: Securing Mobile Devices is Indispensable

    Isaca
    Editor’s note: Glib Pakharenko was an expert reviewer of Securing Mobile Devices, the ISACA Bookstore’s Book of the Month. When I read the draft version of “Securing Mobile Devices” for review, I immediately realized that this book was exactly what I had been looking for. At the time, I happened to be participating in a challenging big enterprise program to adopt a wide set of legacy internal applications for the mobile platform. The ISACA publication on securing mobile devices presents eve...
  • Internal Auditors: So What Do You Do?

    Isaca
    If you are an internal auditor, you can picture this scene because it has probably happened to you. You are at a party or some other social event and the conversation turns to work. Someone asks what you do for a living. “I work in internal audit,” you explain. What is that? You explain as best you can, but not everyone gets it. So you try and make your explanation easier to understand—probably too easy. And then someone says it: “Ah, so it’s like internal affairs...” Now, I do not know about...
  • Effective Third-Party Risk Assessment – A Balancing Process

    Isaca
    The vendor risk assessment is the lynchpin of every effective third-party risk management program. In theory, the essential components of an assessment are easily determined. However, in practice, the ability to effectively understand and assess third-party controls usually conflicts with the resources available to perform the assessments, and is further handicapped by the need to rapidly conclude assessments so contracts can be finalized and projects begun. All too often this results in asse...
  • Mobile Payments: Risks Versus Opportunities

    Isaca
    Have you heard the story about the foolish farmer’s new horse? The story goes that one day in early spring, a farmer’s horse dies. The farmer needs a horse to pull his plow, so he goes to market to buy a new horse. There he meets a neighbor who says, “I have a promising yearling [adolescent horse] that will be up for sale in a month or two. Why not wait? The yearling will be much stronger and healthier than some old nag you’d buy here.” The farmer agrees. A few months go by, and on the way t...
  • Pokémon Go Issues Underline Importance of Technology Pros

    Isaca
    It is unlikely there are many people left who have not heard of Pokémon Go. Maybe you are an active player, maybe your stock portfolio includes Nintendo shares, or maybe you have heard the warnings about criminal activity related to the game. For the uninitiated, Pokémon Go is a mobile app that uses a phone’s GPS and camera to create an augmented reality experience in which players traverse the physical world and capture animated creatures. Niantic, Inc.—which actually began as a Google projec...
  • Webinar: IT/OT Convergence and Industrial Cybersecurity

    Isaca
    Much has been written and presented on the topic of IT/OT (information technology/operational technology) convergence, a phrase used to describe the trend that is blurring the line between what have traditionally been well-differentiated classes of IT-based systems. While this trend is well established, the full implications are still developing in areas such as the management and protection of systems against cybersecurity threats. The diversity of technologies involved ensures that there is...
  • Implementation Life Cycle “Posterized” in Free COBIT 5 Download

    Isaca
    COBIT 5’s Seven Phases of the Implementation Life Cycle have been “posterized” into a free download that illustrates the framework’s program management, change enablement and continual improvement life cycle. The poster is part of the COBIT 5 framework for the governance and management of enterprise IT, which is highly valued by commercial, not-for-profit and public-sector organizations. Enterprise executives, IT professionals and business consultants depend on its globally accepted principles...
  • Africa CACS Keynote Herman Konings to Introduce “Cathedral Thinking”

    Isaca
    Trend analyst and consumer psychologist Herman Konings will present the Africa CACS 2016 closing keynote address, titled Cathedral Challenges: What Happens After What Comes Next? Konings is a genuine storyteller who inspires the spectator on an engaging course about the amazing world of passions and interests, trends and future expectations, and about what is and what will be. Africa CACS will take place at the InterContinental Nairobi, Kenya, from Monday, 8 August to Tuesday, 9 August. For mo...
  • COBIT 5, Creating an Audit Program and Enabling Compliance

    Isaca
    Last year I wrote an article that discussed using COBIT 5 to audit cyber controls, in this instance the Australian Signals Directorate (ASD) Top 4. At the time of writing this article I had the privilege of being an expert reviewer on a draft ISACA white paper on creating an audit program. This white paper has now been released. In the Australian government, as with all governments around the world, compliance against legislative and regulatory requirements is an important factor for the vario...
  • Training, Awareness Keys to Battling Social Engineering

    Isaca
    The weakest link in every security posture is always the human element, which is a problem because the core asset of every business is its people. It is that human factor that makes social engineering such a significant, difficult-to-manage problem. The term “social engineering” incorporates any and all human-intelligent interactions that are designed to elicit an involuntary or unconscious response that serves the social engineer’s need. In many cases, this means that social engineering is co...