Top IT Security Bloggers

  • The Elephant in the Room: SSH Key Management

    In the early days of computing, use of private networks was more prevalent than it is now. Given that, the use of a network protocol (such as Telnet) that transmitted data in plain text was not cause for much concern. As the use of public networks increased, however, a more secure network protocol was needed. Offering encryption, authentication, and other security mechanisms, the Secure Shell (SSH) protocol has been adopted by organizations as a more secure means to connect remote servers to c...
  • Five Questions with Technologist, Astrophysicist and CSX Europe Keynoter Ade McCormack

    Editor’s note: Ade McCormack is keenly interested in the anthropological factors that drive digital innovation. McCormack, who will deliver the opening keynote at CSX Europe 2017, to take place 30 October-1 November in London, UK, visited with ISACA Now about the main drivers that have set digital innovation in motion, why some CEOs are hesitant to invest in digital transformation and more. The following is a transcript, edited for length and clarity: ISACA Now: How is our attention being ‘hi...
  • GDPR: What a Data Protection Impact Assessment Is and Isn’t

    There has been a lot written over the past year or so about the EU General Data Protection Regulation (GDPR) – what is required, and what needs to be accomplished sooner rather than later in order to meet the May 25, 2018 compliance date. And with 99 articles, with hundreds of requirements within them, covered within the GDPR, there are certainly many topics that must be addressed.While seven to eight months may seem like a long time to address them all, it is important for those responsible...
  • No End in Sight for Impact of Equifax Breach

    It is a terrible time for privacy in the United States. There are very few institutions that we entrust to hold nearly all our financial records, and one of them, Equifax, admits to losing them. The full impact of the breach will be felt over time, and right now nothing has changed in our lives besides a new worry and uncertainty. Perhaps, like with other breaches such as Anthem and Yahoo, we will have to live in fear for decades with not yet having felt the direct impact.However, I would ar...
  • The Farmer and the Equifax

    In the wake of major disasters, companies often retrench to their board rooms and ask questions about the state of their own resilience. These questions follow one of two tracks: First is a retrospective post-mortem of their own company, or preferably an affected competitor. It starts with a question like, “How would we be affected or react if this happened to us?”In the wake of the Equifax consumer data breach, many of the stories in the past days share well-articulated insights that are non...
  • Forums Showcase Common Challenges Facing IT Audit Directors

    ISACA’s IT Audit Leaders Forums, conducted this year at North America CACS and EuroCACS, fostered productive dialogue about real-world challenges impacting IT audit directors. I was fortunate enough to participate at EuroCACS, and I was especially pleased with the insights gained from listening to my peer IT audit directors. The opportunities and risks discussed were a confirmation that our audit teams are focusing on a similar set of emerging risks.On top of this, the forum facilitated an h...
  • When It Comes to Crypto, What You Don’t Know Can Hurt You

    Most of us have heard the phrase “What you don’t know can’t hurt you.” While this may hold true for some circumstances, in the case of an audit, the opposite is true. A large part of an auditor’s job is to discover and know about exposures and gaps that could hurt the organizations for which they work. An auditor’s remit includes finding, analyzing and documenting an ever-increasing list of things that organizations don’t know about but have the potential to cause damage.This task can be har...
  • Creating CyberCulture

    When growing up, many of us probably heard warnings from our parents to be careful in certain environments—the local woods, a busy side street, or at the beach.  Our parents cautioned us out of concern for our well-being, and it served a purpose. Their warnings were meant to raise our awareness of our surroundings, and ensure we would exercise care when appropriate. They reminded us that the safety of our environment depended upon the decisions we made. Today, we would be well-served to add o...
  • Five Questions With Author and Africa CACS Keynoter Siphiwe Moyo

    Editor’s note: Siphiwe Moyo, author and motivational speaker, will deliver the closing keynote address at Africa CACS 2017, which will take place 11-12 September in Accra, Ghana. Moyo, an expert on developing human capital and strategically managing change, recently visited with ISACA Now about what he terms an ‘entitlement culture’ and how the financial markets produce important life lessons. The following is an edited transcript:ISACA Now: What is the biggest key to an organization developi...
  • Spending Analysis Reflects Information Security’s Rising Profile

    Analyst firm Gartner projects that worldwide spending on IT security products and services will grow 7 percent, year over year, to reach a total of US $86.4 billion in 2017.Historically, organizations have had a tough time allocating security expense budgets because:The concept of security was vague and unclearThere is no methodology to assess the exact requirement and the resultant benefits, thus creating difficulty in establishing a sound business caseNo regulatory compulsionThe evolut...

Editor's Recommendations

Solution Centres


View all events Submit your own security event

Latest Videos

More videos

Blog Posts

Media Release

More media release

Market Place