Top IT Security Bloggers

  • Remembering My Friend and Mentor: 1984-1985 ISACA Board Chair John Lainhart

    In my presentations on leadership, I always cite one example of an incredible leader who has touched my life and hundreds—probably thousands—of others: John Lainhart. John, an ISACA volunteer for nearly 40 years, introduced me to ISACA and the value of professional associations. He was my champion and my friend. Today, I am heartbroken to share that the ISACA family has lost a great leader and a truly great person. John passed away last night. Over his four decades with ISACA...
  • Application Security: A Three-Phase Action Plan

    If you are like any of the security leaders with whom I typically speak, you face (at least) the following burning problems: A security compromise cannot happen on my watch! If I invest resources in a particular security approach – whether it be people, products, process, or a combination of all three – how do I know that it will pay off to actually deliver on my goals? Does this sound like you? If so, I’m here to help! Extrapolating key learnings from more than 14 years of security research,...
  • Demystifying Cybersecurity Terminology

    Do you struggle to keep up to date on the latest cybersecurity terminology? Fear not, you are not alone. Behavioral microtargeting, cryptojacking, fileless malware, malvertising, cloudlets, unified endpoint management and sextortion are just some of the terms cropping up with increased regularity over the past two years. “Hey Raef, BA was just subject to a digital skimming cyberattack. Can you write a piece on that?” I could have taken a reasonable guess at what that term means, but guesswork...
  • Clouds, Codebases and Contracts – How the New Era of Privacy is Changing Third-Party Risk

    The last two years have taught us that conventional wisdom and knowledge around privacy and security needs a makeover, in particular as it relates to the EU’s GDPR and the California Consumer Privacy Act. Data controllers and businesses, the entities responsible for what happens to personal data under GDPR and CCPA, respectively, are subject to new obligations that place significant organizational risk squarely on their shoulders. Though compliance issues can come from many places, one often-o...
  • New Strategic Vision Needed to Thrive As a Digital Enterprise

    Stakes are increasing when it comes to leveraging technology to define and deliver new value. The CEO and the executive team leaders are reeling with the challenges of identifying and implementing new digital business models while also wrestling with making smart capital investments to develop and mature organizational capabilities that enable agility and rapid response to new market opportunities. At the same time, board directors are in a quandary, attempting to make sense of the digital lan...
  • Five Takeaways from the 2018 Governance, Risk and Control Conference

    Governance, risk and compliance professionals shared ideas and gathered insights on how their roles are evolving in light of enterprises’ digital transformation efforts, evolving trends in innovation, and growing regulatory and security risks recently at the sold-out 2018 GRC Conference in Nashville, Tennessee, USA. The conference, organized by The Institute of Internal Auditors (IIA) and ISACA, took place 13-15 August. Key takeaways from the conference include: It’s time to challenge conventi...
  • What is the Path to Self-Securing Software?

    As digital business hastens the speed of application development and gives way to complex, interconnected software systems (think Internet of Things, microservices and APIs), we need to address that penetration testing, although thorough, is slow and expensive. On average, it takes eight months to identify and understand the cyber and regulatory risks associated with any new software, according to research from security company Sonatype. Software development trends are compounding the issue i...
  • Shining a Light on the Biggest Healthcare IT Challenges

    Healthcare has experienced significant modernization and is now closely intertwined with IT. But as the industry changes and marketplace demands evolve, new challenges emerge. Understanding how to address these challenges is paramount to the future success of healthcare organizations and their stakeholders. Five healthcare IT challenges the industry is facing: What used to be a small intersection is now a fully developed relationship. It’s nearly impossible to understand the current or future st...
  • GDPR – How Organizations Are Adjusting to the New Era

    On 25 May 2018, the world did not stop simply because the General Data Protection Regulation (GDPR) became enforceable. For many organizations, however, the enforcement date became a distraction, an unofficial deadline. In reality, there was no finish line. We all recall the panic-driven deluge of marketing consent emails from companies this past summer – some we engage with, many we forgot about and others we never saw. That deluge has now slowed down to a trickle. Also, noticeably quieter a...
  • Remembering Robert E Stroud

    This weekend, all ISACA lost a dedicated leader, an engaged board member, a passionate colleague and, most notably, a dear friend. Robert E Stroud, CGEIT, CRISC, 2014-2015 ISACA Board Chair, and Board Director 2015-2018, will be deeply missed. Only 55 years old, Rob passed away Monday, 3 September 2018, after being struck by a vehicle while jogging on Long Island, New York, USA. He is survived by his devoted family: his wife of 35 years, Connie, sons Josh and Kyle, daughter-in-law Allie Elizab...
