Top IT Security Bloggers

Isaca
  • Cyber Lessons for Enterprises from the Equifax Breach and Record Fine

    Isaca
    Government regulators and representatives of Equifax announced a settlement on penalties and consumer restitution related to the 2017 data breach that exposed sensitive information belonging to 148 million people. The potentially $700 million agreement, the largest of its kind, revealed on 22 July, still needs to be approved by a court. In addition to the actions by state and federal US agencies, in May Moody’s credit rating agency downgraded Equifax, making it the first company to have its cr...
  • NIST Risk Management Framework: What You Should Know

    Isaca
    In late December 2018, NIST published a second revision of SP800-37, Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy. The revised publication addresses an updated Risk Management Framework (RMF) for information systems, organizations, and individuals, in response to Executive Order 13800 and OMB Circular A-130 regarding the integration of privacy into the RMF process. Now that the dust has settled, we are taking another...
  • Taking Precautions With Smart Home Gadget Security

    Isaca
    Smart home gadgets have been among the most popular holiday, housewarming and any-occasion gifts for the last few years. Whether it’s an interconnected home security system, a pet camera, or a voice-activated assistant like the Amazon Echo, homeowners and renters alike love having these tech gadgets in their homes. In fact, research has shown that homes with smart home devices sell faster and for more than those without. Additionally, renters show great interest in living in rentals that have...
  • Reimagining the Enterprise Landscape Through Advanced Technology

    Isaca
    Editor’s note: Stafford Masie, CEO of Google Africa (2006–09) and Non Executive Board Member at ADvTECH, will be the closing keynote speaker at the 2019 Africa CACS conference, to take place 19-20 August in Johannesburg. Masie, an inventor, mentor and keen observer of how to humanize technology, recently visited with ISACA Now to discuss how enterprises in Africa and beyond can take advantage of the major technological forces of the day, such as artificial intelligence and advances in fintech....
  • Getting Creative to Solve Security Challenges in Healthcare

    Isaca
    A recent article about information security challenges in healthcare pointed to the lack of resources many security teams report. They face staff shortages, lack of expertise and tight budgets. They find themselves unable to do the work they believe needs to be done. In thinking about any problem, I always focus on what can be done. The truth is, there’s almost always something that can be done even if you can’t fix the bigger problem. After all, part of risk management is making any risk sma...
  • Are the British Airways and Marriott GDPR Fines a Tipping Point?

    Isaca
    For many months, infosec and privacy colleagues alike have been telling me that the FUD (fear, uncertainty and doubt) about the terrifying levels of EU fines under the European Union General Data Privacy Regulation (GDPR) have disappeared from the boardrooms and executive management meetings. In many organizations, the sentiment from senior management was that GDPR was another Y2K; it looked terrifying on paper but – meh – it probably did not matter that much after all. As the statistics from...
  • Stripping Off the Monster Tag from IT Governance: An Inclusive Approach

    Isaca
    It is said that anything with two heads is a monster. I usually think of this saying when carrying out IT governance reviews, as inclusive governance seems to be a missing link. The study of governance has been fragmented and so diverse that it has birthed different specializations. But governance is the only head that should exist in any organization. Governance represents direction, strategies, policies, regulations and actions that influence how an organization is to be managed. Governance...
  • Forthright Handling of Cybercrime Essential to Improved Results

    Isaca
    While it has become generally well-known that enterprises have a problem dealing with cybercrime, the true extent of the problem is much worse than many realize. In fact, even the entities that really ought to know the reality – such as legal and regulatory authorities – are generally in the dark about how many incidents are occurring and how severe they are. In ISACA’s recently released State of Cybersecurity 2019 research, a combined 75 percent of security professionals responding to the...
  • Rebuilding Institutions for an Online World

    Isaca
    Editor’s note: Author and journalist Jamie Bartlett will be the closing keynote speaker at the Infosecurity ISACA North America Expo and Conference, which will take place 20-21 November 2019 in New York City. Bartlett recently visited with ISACA Now to discuss his outlook on how technology is reshaping society, beginning with his contention that the internet is killing democracy. The following is an edited transcript of the interview: ISACA Now: One of your books, The People vs. Tech, contend...
  • Securing Your Data: The Crown Jewels of Your Enterprise

    Isaca
    Every organization has data that is vital for its organizational growth. Typically, most organizations build security around infrastructure, network and applications. But with data leakage becoming more prevalent, organizations are now considering data to be their crown jewel. Data can be classified as structured data or unstructured data. Structured data is mostly stored in a database, but usually more than 80 percent of data are unstructured. Enterprises need to protect the data from unautho...