
100 episodes

ISACA Podcast
Technology
4.5 • 34 Ratings
The ISACA Podcast gives you insight into the latest regulations, trends and threats experienced by information systems auditors and governance and security professionals. The experts interviewed in the ISACA Podcast have valuable perspectives they have gained from their years of experience in the field. Whether you are beginning your career or have decades of experience, the ISACA Podcast can help you be better equipped to address industry challenges and embrace opportunities.
Using a Risk-Based Approach to Prioritize Vulnerability Remediation
Organizations today struggle with vulnerability management. More specifically, remediating vulnerabilities in a timely manner poses a challenge. With vulnerability remediation backlogs growing at an alarming rate, what can organizations do to meet their established remediation timelines and to protect the organization from cybersecurity threats? Cybersecurity leader Ray Payano will discuss the exponential increase in published vulnerabilities, the lack of resources in cybersecurity to perform remediation, and the challenge of balancing remediation with reduced maintenance windows. These challenges contribute to organizations struggling with remediation backlogs. Ray will explain how calculating vulnerability risk can help organizations prioritize their vulnerabilities based on risk level to help determine the order in which vulnerabilities are addressed.
Hosted by ISACA's Chris McGowan.
The True Cost of a Data Breach
Guests Jack Freund and Natalie Jorion discuss the need for additional data for quantitative risk analyses and methods to derive that data when it does not exist. They cover how this was done in the past and their updated method for interpolation of such data from record losses and other firmographic data. They end with a discussion of the role of model validation and how it can enable reliable risk management decision making.
Hosted by ISACA's Safia Kazi.
2023 IT Compliance and Risk Benchmark Report
Are you wondering about the ever-changing landscape of IT compliance and risk management? Look no further. Hyperproof, a leading SaaS compliance operations provider, conducts an annual survey of over 1,000 IT risk, compliance, and security professionals to uncover their top challenges. Tune in to this exclusive episode to hear about the top five most important statistics uncovered from the survey and get an overview of how your industry peers are managing IT risk and compliance programs within their organizations.
We’ll cover:
● The top five findings from the survey
● How your peers are planning to handle compliance, audit management, and risk management in the midst of this year’s volatile economy
● What companies are doing differently in response to recent and highly publicized security breaches to avoid security lapses and compliance violations
Download Hyperproof’s 2023 IT Compliance and Risk Benchmark Report: https://hyperproof.io/it-compliance-benchmarks/
What Kind of Glasses Are You Wearing? Your View of Risk May Be Your Biggest Risk of All
The world of business has changed dramatically over the past few years. Our digital world is more connected than ever, leaving security and technology teams stretched even thinner. Privacy and data regulations are increasing on a state and national level, threat actors are learning and evolving, and cybersecurity has finally become a boardroom priority! Now that you have leadership’s attention, what will you do? If your answer is “risk management as usual”, that may be holding you back.
Traditional risk management approaches make a lot of promises, but most of them are myths. Do any of these sound familiar?
● You can make better-informed decisions by using a single platform.
● You can use automation to achieve continuous compliance.
● You can implement risk management by creating a risk register.
● You can use qualitative attributes to measure and assess risk.
In this episode, we’ll assess risk management myths and discuss how to establish scalable, quantifiable, and always-on risk management for the future.
Hosted by Lisa Cook and featuring special guest Megan Maneval.
How Organizations Can Consistently Reduce Cyberrisk
Cyber threats are now a “clear and present danger” to most organizations, companies and governments of the world. A good cyber defense involves many intricate layers. You can never have enough layers, just like you can never remove all the risk. In order for organizations to reduce as much risk as possible in a rapidly shifting threat landscape, they must constantly make improvements. The threat groups are making rapid improvements and increasing their expertise at a steady rate. They are investing in R&D and zero-day exploits. To offer a good defense, we must make progress at the same rate as the threat groups or we may fall behind, increasing risks and allowing the cyber world to become like the “wild, wild west.”
Key Considerations for Conducting Remote IT Audits
Conducting adequate preparation, including risk assessments, assessing resource requirements and ensuring ongoing communication, to harness the benefits and address the potential challenges faced when conducting hybrid or fully virtual audits.
Customer Reviews
Please add more podcasts
I really enjoy listening to the ISACA podcasts. I can get through a lot of these on my commute to work. Definitely more convenient than the journals and online articles.
Good topics, 2d rate audio quality
The topics and discussions can be very engaging, but I'm distracted by the poor audio quality. I strain to hear the hosts because they sound like they're in an empty warehouse, and the guest audio quality often isn't any better. Invest in higher quality microphones and use rooms with less echo and they'd have a more professional sounding podcast.
Test
Test