show episodes
 
The ISACA Podcast gives you insight into the latest regulations, trends and threats experienced by information systems auditors and governance and security professionals. Whether you are beginning your career or have decades of experience, the ISACA Podcast can help you be better equipped to address industry challenges and embrace opportunities.
 
Loading …
show series
 
What's a security audit, and why do you need one? Richard talks to Paula Januszkiewicz about auditing security, technical reviews, and so-called penetration testing. Paula talks about needing outside experts who focus on the scope of exploits out in the world today to help make sure all aspects of your company's systems are reasonably secure - ther…
 
Getting your Public Key Infrastructure right can be tricky - and getting wrong can be very bad. Richard talks to Richard Hicks about the right way to go about setting up and operating a PKI infrastructure in your organization. Different from the public certificates you use for websites and servers, Richard focuses on how to use certificates to auth…
 
What are the main risks that most enterprises need to consider when it comes to social media? If you don’t know, you and your organization are in danger of serious reputational risk! Watch as ISACA’s IT Governance Job Practice Lead, Lisa Villanueva discusses the risks of social media with Robert Findlay, Global Head of IT Audit at Glanbia. Social m…
 
Blake Curtis is a global business risk and security engineer for Deloitte Global and a research scientist with a Ph.D. in cybersecurity and risk management. Today he breaks down frameworks, governance and governmental controls from the board level to the code level. ISACA's Lisa Villanueva then asks him about years of experience vs. years of exposu…
 
2021 was a tough year for security - how can we do better in 2022? Richard chats with Jess Dodson about working to get better at information security in your organization. Jess talks about the log4j exploit as a great example of "what don't we know" - and the need for a software bill of materials as part of your configuration management database. H…
 
While our development teams have been busy running full speed ahead using the latest and greatest technology to build amazing products, security teams haven’t always been known to keep the same pace – and we have reached a point of “developer revolt.” Security teams are still too often viewed as producers of “design constraints” by development team…
 
Join Kevin Keh, IT Professional Practices Lead - Research Development for ISACA, and guest, Ramses Gallego, International Chief Technology Officer for CyberRes in the latest session of our LinkedIn Live series on Emerging Technology as they discuss four of the most prominent forms of ultra-emerging technologies including Quantum Computing, Nanotech…
 
Does your organization need hybrid identities? Richard talks to Sonia Cuff about Hybrid Active Directory, connecting your on-premises Active Directory infrastructure to M365 and Azure. There's essentially no choice in larger organizations - too many identities and applications exist that replicating identities would be a huge problem. But what abou…
 
Basic authentication is going away in Exchange Online - how will it impact you? Richard talks to Greg Taylor about the long-planned end of basic authentication support in Exchange Online. Greg talks about the fundamental vulnerability of basic authentication systems like POP and IMAP - and how many systems still use them by default. Too many busine…
 
This episode is a pre-recorded interview with Benji Block for the Author Hour podcast. We discuss our new book, The Data-Confident Internal Auditor. For internal auditors, developing trends in data analysis and data science can feel less like a wealth of information and more like an avalanche. Still, better use of data provides an opportunity to ad…
 
ISACA’s Director, Channel Business Development, Chris DeMale is joined by ServiceNow’s Director of Product Marketing, Karl Klaessig in this follow up interview that takes a deeper look into his presentation during ISACA’s Virtual Summit session, Security Operations Challenges in 2021. The presentation discussed how opportunistic and tenacious cyber…
 
What's your adaptability quotient? Richard chats with Sara Caldwell and Angela Dugan about the ideas behind the adaptability quotient - the ability to respond to change. The pandemic certainly forced a lot of change on a lot of folks - and different people coped with the changes in different ways. Sara talks about thinking about your ability to ada…
 
This ISACA TV interview is a discussion about information security concerns (and challenges), evolution, and the future. Topics covered include mobile computing devices, the Internet of Things (IoT), artificial intelligence (AI), cyber threat intelligence (CTI), software tools, and malware. Threats, risk, safeguards, and countermeasures will be rev…
 
Christmas Gifts for IT Pros! Richard chats with Joey Snow and Rick Claus about their favorite gift ideas for your favorite IT Pros. Yeah, IT folks are hard to buy for, but here are some stocking stuffers and other gifts you will be excited to receive. Whether it's items that will help you work more effectively, home automation to make living a litt…
 
Enterprises use machine learning to validate who they are doing business with and to find new opportunities. ISACA's IT Professional Practices Lead Kevin Keh discusses secure machine learning with Protegrity's Chief Security Strategist Ulf Mattsson. Ulf explains Trusted Execution Environment (TEE), synthetic data, and encryption keys. All these tec…
 
Windows 11 Ships! So now what? Richard chats with Mary Jo Foley about her thoughts around the release of Windows 11. Mary Jo talks about how quiet the conversation has been around Windows 11, other than a few bits of outrage like the TPM requirements - which, as it turns out, aren't actually required. Is there a reason to move to Windows 11? Most I…
 
Jon Brandt (Information Security Professional Practices Lead at ISACA) and Renju Varghese (Fellow and Chief Architect at HCL Technologies) break down the State Of Cybersecurity 2021 —Part II report. Threat actors did not take advantage of clients more during the pandemic, but there have been higher instances of attacks or attempts of attacks during…
 
Is the cloud secure? Richard chats with Screaming in the Cloud's Corey Quinn about the latest spate of security issues in AWS and Azure - and the responses to those issues. Corey talks about the risks the cloud providers are creating, not being clear when an exploit is found, to let people know how much visibility they have into the problem. Mitiga…
 
Why is the cloud still considered an emerging technology in 2021? Why is the cloud both an enabler and catalyst for all other technologies? How has the cloud changed our organizational eco-systems? What is the future of cloud services? Join ISACA’s Chief Futurist, Dustin Brewer as he and Julia Hermann— Head of Security Architecture and Cyber Defens…
 
This is the fourth in a series of episodes that focus on performance auditing. In this episode, we discuss five suggestions to help improve the conduct (fieldwork / execution) phase. Link: This episode's web page (riskinsights.com.au/the-assurance-show-52) About this podcast The podcast for performance auditors and internal auditors that focuses on…
 
Should you inject a little chaos into your systems? Julie Gunderson says yes! Richard chats with Julie about how deliberate failing portions of your system teach you more about your dependency and resiliency. But it's not just about breaking things - you need to build a hypothesis around how you see the reliability of the system and then create tes…
 
Loading …

Quick Reference Guide

Copyright 2022 | Sitemap | Privacy Policy | Terms of Service
Google login Twitter login Classic login