Top IT Security Bloggers

  • The US Government Shutdown’s Potentially Lasting Impact on Cybersecurity

    The partial US government shutdown is the longest in modern history and continues to drag on as both political parties remain entrenched, refusing to budge from their respective positions. The inability to reach an agreement, or at least to open the government, may have lasting impacts on the effectiveness of cybersecurity in the federal government. The near-term effects of the shutdown are more apparent than some of the downstream impacts. We regularly see or hear about the furloughed staff n...
  • A New Approach to Finding Cybersecurity Talent for the Future

    The cybersecurity profession is facing a shortage of qualified talent to fill an increasing demand for positions, as so many reports inform us. What I find self-fulfilling about our “talent dilemma” is the acknowledged rapid rate of technology change, yet the ongoing quest for specific technical experience and expertise. We seek plug-and-play people to match technology components, rather than individuals with foundational skills and an aptitude and desire to learn changing technology. As proc...
  • The Business Risks Behind Slow-Running Tech

    Entrepreneurs and IT leaders frequently underestimate the true power that slow technology has to negatively impact a business. It’s tempting to wait as long as possible to upgrade or replace your team’s devices; after all, every additional month you get out of a device results in measurable cost savings for the business. But all those slow, aging devices are probably interfering with your business more than you realize. The roots of slow technology: Slow technology comes in many forms, but alway...
  • Start with the Why: A Strategic Lifecycle for Information Security

    Many presentations by information security managers for stakeholders within their organizations include the depiction of a lifecycle in one form or another to underline that information security is not a one-off project, but a continuous activity. However, often these depictions focus on what you do (such as NIST Cybersecurity Framework: Identify – Protect – Detect – Respond – Recover) or how you do it (such as Deming cycle: Plan – Do – Check – Act). As useful as these lifecycle models are, t...
  • Empower Auditors to Think Big Picture on AI

    The new white paper, Auditing Artificial Intelligence, provides an overview of what AI is, why auditors need to be aware of AI, and how the COBIT 2019 framework relates to AI auditing. The guidance addresses the somewhat nebulous definition of AI, as there is no agreed-upon definition even in the research community, since AI encompasses a wide swath of ground, including machine learning, deep learning (a subset of machine learning), and some types of rule-based systems. ISACA wisely takes a n...
  • How to Hack a Human

    Have you ever wondered just how many ways there are to hack the human mind and just how effective each technique is? I did; so I set about collating all of the techniques for human control and influence: Every social engineering scam I could find; The list of factors that influence the human decision-making process; The components that make any argument or point persuasive; How confidence tricks work; How cognitive biases—the shortcuts in how the human brain processes information—work, and ho...
  • Five Cost-Effective Ways for Small Businesses to Achieve Compliance

    In today’s world, in order to do and sustain business, all large and small companies are required to show and prove constant compliance. The task may be somewhat easier for large companies to achieve by hiring more employees; however, small businesses do not typically have the luxury to hire more people at competitive rates with large companies. Having worked for several small businesses over the past decade in addition to helping non-profits, I have seen several compliance challenges, pains a...
  • 50th Anniversary Year Provides Inspiration to Look to ISACA’s Future

    When ISACA – then known as the Electronic Data Processing Auditors Association – was incorporated by seven Los Angeles area professionals in 1969, “there was no authoritative source of information,” according to ISACA’s first president, the late Stuart Tyrnauer. There was “no cohesive force, no place to turn to for guidance.” Back then, Tyrnauer and his colleagues figured their grassroots association, focused on the emerging profession of electronic data processing auditing, was just of local...
  • All Talk, Little Action: AI and Digital Ethics in People Technology

    As we continue the end-of-the-year review on all things tech, digital ethics and the progress of artificial intelligence (AI) in people-related technologies spring to mind. People tech affects HR, recruitment and other areas that enable businesses to hire, manage and plan their key asset – people. With new suppliers coming out consistently, it is very difficult for businesses to understand which technology is ethical with regard to data, code and algorithms, versus technology that is not. The...
  • Offshoring: Getting it Right Through a Security and Privacy Lens

    The offshoring industry is at a turning point. There is a growing demand to further saturate offshoring hubs with a view to increase profits. The true value of offshoring can be realized when viewed as a relationship amongst parties rather than a mere delivery model. Success of this relationship can be seen when: The offshoring units meet contractual metrics and produce deliverables of industry quality; Onshore units are successful in cutting costs and drawing profits, and are able to focus o...
