Isaca Podcast public
 
The ISACA Podcast gives you insight into the latest regulations, trends and threats experienced by information systems auditors and governance and security professionals. Whether you are beginning your career or have decades of experience, the ISACA Podcast can help you be better equipped to address industry challenges and embrace opportunities.
 
Weekly information security podcast airing Monday mornings hosted by Oscar Minks and Brad Nigh. In a unique focus on protecting personal information, Oscar and Brad discuss information security as an issue that includes cyber security, physical security, as well as administrative controls. Oscar is the CTO of FRSecure and heads technical services and operations at the company. Brad is the Principal Security Consultant and a 20+ year veteran of the industry.
 
This "purple team" podcast will examine a mix of offensive "red team" and defensive "blue team" security issues and strategies. Your hosts, Darryl MacLeod and Grant Boudreau, will focus on stories, news, people, and tech from the East Coast of Canada. There is an abundance of talented people on the East Coast, and we want to showcase their abilities to the InfoSec world!
 
In this episode of the Unsecurity Podcast, the guys sit down with Michael Kennedy of Ostra to discuss burnout and share their personal experiences and strategies for preventing and managing work-related stress. Please send any questions, comments, or feedback to unsecurity@protonmail.com. About FRSecure https://frsecure.com/ FRSecure is a mission-d…
 
In this episode of the Unsecurity Podcast, Brad and Oscar discuss the CISSP Mentorship Program with Brian Kelley now that this year's course has officially wrapped up, and touch on challenges and roadblocks for security professionals in the job market. 00:00 Intro 01:56 Ransomware and Security Best Practices 06:32 CISSP Mentorship Program and Lear…
 
In this episode of the Unsecurity Podcast, Brad, Oscar, and Pinky discuss recent news stories about IP and central manager flaws, as well as a vulnerability enrichment project by CISA. They also share an interesting incident response story involving internal domains and proxy auto-configuration files. Please send any questions, comments, or feedbac…
 
In this episode of the Unsecurity Podcast, Brad interviews guest Ryan Cloutier as part of our Meet the Mentors series. They discuss the importance of the CISSP Mentor Program and the value of different perspectives in teaching. They also discuss the release of an exploit code for the Palo Alto Networks Zero Day vulnerability and the ethics of publi…
 
Are you curious about how to maximize the strategic value and impact of your bug bounty program? In this episode, you can learn how Adobe continuously develops and improves its bounty program to engage security researchers and hackers globally and improve its security posture from an adversary perspective. In this ISACA Podcast, Chris McGown, ISACA…
 
Episode 218 of the Unsecurity Podcast is now live! This time, Brad is joined by Ron Woerner for another episode of our "Meet the Mentors" series introducing the 2024 CISSP Mentor Program instructors! Links & information: Find Ron on LinkedIn https://www.linkedin.com/in/ronwoerner/ Please send any questions, comments, or feedback to unsecurity@proto…
 
Episode 217 of the Unsecurity Podcast is now live! This time, Brad is joined by Chris Foulon for the first episode in our "Meet the Mentors" series, introducing our 2024 CISSP Mentor Program instructors! Links & information: Chris's Podcast (Breaking Into Cybersecurity) https://podcasts.apple.com/us/podcast/breaking-into-cybersecurity/id1463136698 …
 
Tune in to the inaugural episode of "The Cyber Standard Podcast," “The Vision!” Join host Ameet Jugnauth as he interviews Robin Lyons, ISACA Principal, IT Audit Professional Practices, and Annmarie Dann, Director of Professional Standards at the UK Cyber Security Council, in a compelling discussion about the standardization of specialisms in cybers…
 
Getting dressed is a routine example of everyday life packed with choices. Should I wear pants or shorts? Do I need a sweater? Shoes or sandals? While we often make these choices subconsciously, even actions that don’t appear as choices include several microscopic risk-based calculations. These judgments are executed based on some estimate of risk,…
 
ISACA recently marked the 25th anniversary of Steve Ross’ ISACA Journal Information Security Matters column. Over the last quarter century, technology, security, and the workforce have evolved, while certain challenges remain the same. In this ISACA Podcast episode, Safia Kazi speaks to Steve about how he started writing for the Journal, societal s…
 
Episode 216 of the Unsecurity Podcast is now live! This time, Oscar and Brad are joined by FRSecure's Matt Dowd to discuss the difference between vulnerability scanning and penetration testing. Links & information Cisco Critical Vulnerabilities https://www.securityweek.com/cisco-patches-critical-vulnerabilities-in-enterprise-communication-devices/ …
 
Organizations can no longer rely on legacy vulnerability management solutions to protect against even basic attacks. Instead, vulnerability management is just one small component in a unified continuous threat exposure management (CTEM) approach to securing an enterprise from malicious intruders and ransomware. In addition to vulnerability manageme…
 
Episode 215 of the Unsecurity Podcast is now live! This time, Brad is joined by FRSecure's Dave Tuckman to discuss an upcoming webinar series about securing home networks with ISACA and select FRSecure staff leading the sessions. Links & information ISACA home network webinar series: Session 1: 2/12 - Household Computer Safety, Using The Internet S…
 
Software-as-a-Service (SaaS) providers continue to face increasing customer demand to attain security compliance certifications that demonstrate commitment to security, privacy, confidentiality, and more. Pursuing every national and international certification individually results in a repetitive cycle of ongoing walkthroughs, interviews, testing, …
 
Episode 214 of the Unsecurity Podcast is now live! This time, Brad and Oscar sit down with FRSecure's Mike (Pinky) Thompson for a Breachmas report and some news from around the industry. News links Mandiant's X (Twitter) Account Hacked https://thehackernews.com/2024/01/mandiants-x-account-was-hacked-using.html CISCO Patch https://www.securityweek.c…
 
In this ISACA Podcast episode, we’ll delve into how leveraging Agile concepts can mitigate common challenges neurodiverse auditors face in the workplace. Neurodivergent auditors can bring a fresh and dynamic energy to projects if given appropriate accommodation. Join us as ISACA's Robin Lyons chats with Program External Audit IT Program Manager Ama…
 
With the increasing demand for audits and risk assessments, artifact requests will not be going away anytime soon. However, the burden these activities bring to the organization can be drastically reduced when audit and risk work together. In this ISACA Podcast episode, Paul Phillips, Director of Event Content Development at ISACA, hosts Staff Gove…
 
Effective IT issue management is crucial for organizations to mitigate financial loss, reputational damage, and operational disruptions. Issue management tools streamline the process by tracking and resolving issues, while risk rating helps prioritize responses based on their impact and likelihood. In this ISACA Podcast episode, ISACA's GRC Profess…
 
Episode 213 of the Unsecurity Podcast is now live! This time, Brad and Oscar sit down with FRSecure's Amy MacElroy to discuss company culture and how she helps maintain it in her role as head of HR. Vulnerabilities Apache Struts https://www.securityweek.com/recent-apache-struts-2-vulnerability-in-attacker-crosshairs/ Microsoft Patch Tuesday https:/…
 
Episode 212 of the Unsecurity Podcast is now live! This time, Brad and Oscar sit down with FRSecure's Shawn Pollard to discuss our new free BIA starter kit, CMMC, and more. Water facilities report falling to hackers in separate breaches https://arstechnica.com/security/2023/11/2-municipal-water-facilities-report-falling-to-hackers-in-separate-breac…
 
Episode 211 of the Unsecurity Podcast is now live! This time, Brad and Oscar sit down with FRSecure's Eric Hanson and Seth Bowling to discuss R&D and defensive evasion. Blackcat report company they breached to SEC https://www.bleepingcomputer.com/news/security/ransomware-gang-files-sec-complaint-over-victims-undisclosed-breach/ About FRSecure: http…
 
Understanding product security risk starts before a single code line is written. Teams can discover threats to the architecture of a system early in the development life cycle with Threat Modeling. While it’s not a new concept, how do we transform traditional ways of Threat Modeling to meet the complexities of modern software development at scale? …
 
Episode 210 of the Unsecurity Podcast is now live! This time, Brad is joined by Megan Larkins to discuss her role as FRSecure's security consulting manager, as well as Proofpoint's 2023 Voice of the CISO report. Proofpoint's 2023 Voice of the CISO https://www.proofpoint.com/us/resources/white-papers/voice-of-the-ciso-report Give this episode a list…
 
Security risks introduced by vendors have become a top-of-mind concern for executives today, driven by recent supply chain incidents that have exposed organizations to operational and reputational risks. A robust vendor security program is now a must, as it helps ensure compliance and proactively identifies and mitigates these risks throughout the …
 
If we want people to bring their most creative, innovative selves to work, we need to cultivate a culture where inspiration is given, encouraged, and fostered. In this ISACA Podcast, Kristi Hedges, executive coach, and leadership development consultant, speaker, and author, gives a sneak peek of her upcoming member-exclusive 'Cultivating Inspired L…
 
Neurodiversity within cybersecurity offers many benefits but requires organizations and hiring managers to re-evaluate hiring practices and job descriptions typically structured for neurotypical applicants. Join ISACA's Director of Professional Practices and Innovation as he hosts a conversation with a company helping to remove barriers and maximiz…
 
Episode 207 of the Unsecurity Podcast is now live! This week, Brad and Pinky discuss Defcon 2023, Huntin' Ground, and the recent CloudNordic ransom case. CloudNordic says it can't, and won't, pay the ransom demand (article): https://www.theregister.com/2023/08/23/ransomware_wipes_cloudnordic/ Send any questions, comments, or feedback to unsecurity@…
 
Agile Scrum is a lightweight framework that promises to significantly improve internal audits by creating a mindset that generates stakeholder value through adaptive solutions for complex auditing problems. This mindset is needed as organizations face unprecedented changes and pressures in today's business landscape. Internal audits must keep leade…
 
Chronic workplace stress can lead to burnout, which poses a significant risk to the mental health of busy professionals, such as auditors. But how can these professionals protect themselves from burnout? And how can their employers help them do so? If you are interested in learning the answers to these questions, then watch as ISACA’s Robin Lyons a…
 
While users of technology are becoming more educated in how to avoid cyberattacks such as phishing, a distracted user might be more prone to missing signs of social engineering. This project explored whether users immersed in augmented reality applications were more inclined to fall for an on-screen text message that prompted familiarity (such as a…
 
A comprehensive information security awareness program must be in place to ensure that employees are aware of and educated about the threats they may encounter at the workplace. The workforce needs to be prepared to know how to respond to these threats. It all starts with a risk assessment to identify the most critical of risks that need to be miti…
 
This podcast speaks about how an Information Systems (IS) Auditor can prepare for the Interruptions, Disruptions and the Emergence events that happen to the business and to technology. Describing the features of Interruptions, Disruptions and Emergence events and distinguishing the differences between them, special guest Anantha Sayana outlines how…
 
This month, we're doing a crossover episode with The Hackle Box! For those who are not yet aware, The Hacklebox is another FRSecure podcast focused on the technical end of current events and happenings within the security industry. It's hosted several times a month by FRSecure's Technical Services Team. Discussed this month: MOVEit Attacks Microsof…
 
Episode 205 of the Unsecurity Podcast is now live! This week, Oscar and Brad sit down to discuss ChatGPT, mobile malware, and the recent Super Mario malware. Don't forget: The show is available in audio or video form wherever you get your podcasts! Give this episode a listen or watch and send any questions, comments, or feedback to unsecurity@proto…
 
Scott Gould is the author of 'The Shape of Engagement: The Simple Process Behind how Engagement Works.' In this podcast, Scott gives a sneak peek at his upcoming member-exclusive, CPE-eligible event. Scott will discuss the essential frameworks for understanding and operationalizing engagement and building enduring connections with your networks and…
 
Episode 204 of the Unsecurity Podcast is now live! This week, Oscar and Brad sit down to discuss the recent MOVEit, Fortinet, and Barracuda Vulnerabilities. Links: Fortigate/Fortinet Vulnerability https://projecthyphae.com/threat/the-fortigate-to-mordor-has-been-left-open/ Critical MOVEit Transfer Vulnerability https://projecthyphae.com/threat/hack…
 
In security, aligning with product teams has never been more important, especially when outmaneuvering adversaries. To foster a truly productive and action-oriented cybersecurity culture, security teams must begin addressing their product engineering counterparts as customers they serve rather than entities they govern. In this podcast, ISACA’s Chr…
 
Episode 203 of the Unsecurity Podcast is live! This week, Oscar and Brad sit down to discuss 'malvertising' and 'malverposting'. Links: “Malverposting” — With Over 500K Estimated Infections... https://labs.guard.io/malverposting-with-over-500k-estimated-infections-facebook-ads-fuel-this-evolving-stealer-54b03d24b349 Give this episode a listen or wa…
 
We, as a society, have always lived by certain norms that are driven by our communities. These norms are enforced by rules and regulations, societal influence and public interactions. But is the same true for artificial intelligence (AI)? In this podcast we discuss and explore the answers to some of the key questions related to the rapid adoption o…
 
Organizations today struggle with vulnerability management. More specifically, remediating vulnerabilities in a timely manner poses a challenge. With vulnerability remediation backlogs growing at an alarming rate, what can organizations do to meet their established remediation timelines and to protect the organization from cybersecurity threats? Cy…
 
Guests Jack Freund and Natalie Jorion discuss the need for additional data for quantitative risk analyses and methods to derive that data when it does not exist. They cover how this was done in the past and their updated method for interpolation of such data from record losses and other firmographic data. They end with a discussion of the role of m…
 
This week, Oscar and Brad sit down to discuss passwordless tech, and the FBI's recent move to take down The Hive, one of the world's most notorious ransomware gangs. FBI Takedown of The Hive https://therecord.media/hive-ransomware-decryptors-fbi-bryan-smith-interview-click-here Give this episode a listen and send any questions, comments, or feedbac…
 
Are you wondering about the ever-changing landscape of IT compliance and risk management? Look no further. Hyperproof, a leading SaaS compliance operations provider, conducts an annual survey of over 1,000 IT risk, compliance, and security professionals to uncover their top challenges. Tune in to this exclusive episode to hear about the top five mo…
 
The world of business has changed dramatically over the past few years. Our digital world is more connected than ever, leaving security and technology teams stretched even thinner. Privacy and data regulations are increasing on a state and national level, threat actors are learning and evolving, and cybersecurity has finally become a boardroom prio…
 