No items have been added to your cart yet
The IT ecosystem is growing and changing due to an increased reliance on technologies. Can our perceptions evolve with it?
The question of whether to move on-premises software to the cloud has been relevant for several years. In the past, every year a few more enterprises migrated to the cloud, but that changed significantly in 2020 when organizations faced the effects of the COVID-19 pandemic.
Over the last 50 years there have been vast changes in IT. Opinions vary, but one of the most disruptive was the invention of the Internet, which, in turn, led to the creation of cloud computing.
Traditionally, the term “IT audit” suggests certain familiar procedures such as ensuring the functionality and integrity of an entity’s tools, systems and networks; testing and monitoring the security of IT systems against intrusion or misappropriation...
Information security has existed since humans started sharing information. For example, Julius Caesar developed a cipher to protect information from unauthorized disclosure.
From the most senior level to the rank-and-file, the workforce running the US technology industry has long failed to mirror the ethnic diversity of the tech user base or society at large.
The current international dynamic characterized by tension between nations in the midst of gray zone conflicts highlights the challenges in cyberspace and how cyberoperations affect the relationships of enterprises and countries.
Embedded finance has been hailed as a paradigm shift in financial services, moving from being product-centric to customer-centric.
The ISACA Journal you hold in your hand—or read on your screen—marks an important milestone. The year 2022 is the 50th year of this publication.
According to informed sources, 55 percent of all enterprise data are dark, so there is a lot of information just sitting there waiting to be (mis)used.
It seems that fraud and conspiracy are all around us. Buzz words such as “misinformation” and “disinformation” haunt the daily news, and trust seems hard to establish.
As organizations are evolving in their digital transformations, we see a great deal of pride in the ability to not only adapt to the new digital world, but to innovate new solutions as well.
With the challenges of securing cyberspace, there has been a great deal of innovation throughout the past decade, especially in the last couple of years. However, the multitude of attacks and their increasing sophistication is going to require even more innovation...
The total number of active controls in an enterprise is always extremely high. Part of the normal functioning of any process or activity is to define an objective, map the rules to achieve it, put them into practice and then constantly check their alignment with the defined objective.
With smart agriculture using soil and crop data gaining traction around the world, the importance of data management is also being increasingly recognized. As in any other business, the products produced (in this case, crops in agriculture) need to be safe and environmentally and socially friendly.
After several major accounting scandals, the US Sarbanes-Oxley (SOX) Act of 2002 was enacted in the United States to protect investors from fraud, improve reliability of financial reporting and restore investor confidence.
The practice of audit is age-old, though the many models and methods have evolved over time. The audit community has faced significant challenges, ranging from misalignment with auditees to ignorance about changing risk areas with technology advances.
One analysis of the word “risk” and its impact on risk management processes uses RISK as an acronym for reasoning, intelligence, strategy and knowledge.
Sometimes known as the Stone Dragon, the Great Wall of China is one of the world’s greatest engineering wonders. This masterpiece can be seen from space and was built as a series of fortifications over several hundred years and across the historical northern borders of Imperial China.
The leaders and policymakers of nations around the world are working on building national digital identity systems and frameworks.
From the early days of electronic data processing (EDP) to modern cybersecurity, IS audits have come a long way. The landscape around information systems has been changing, but as in any journey, an eye on the rearview mirror enables better decision-making and safer travel forward.
Cyberwar and conventional war have certain similarities, but cyberwar involves obscure and often anonymous enemies. Cybersecurity is one of the most significant challenges facing both enterprises and individuals today. It is vital to be prepared to defend against the war waged by sophisticated cyberadversaries.
It has long been the assumption that, once built, all computer systems are Turing machines—that is, devices that perform one small, deterministic step at a time—and are, therefore, deterministic in nature
In February 2016, the world witnessed a sophisticated cyberheist in which the computer terminals of Bangladesh Bank, which interfaced with the communication system of the Society for Worldwide Interbank Financial Telecommunication (SWIFT), were compromised through spear phishing emails.
Organizations must review cybersecurity threats and attack vectors, understand the importance of the incident response plan (IRP), review response activities, conduct tabletop exercises, analyze the exercises to determine areas for improvement, manage reporting and conduct IRP maintenance.
These days, cyberadversaries are coming up with different kinds of capabilities and objectives behind each of their new cyberattacks, which has forced organizations to do a deeper, more introspective evaluation of their existing cyberdefense mechanisms.
Fintech organizations that provide payment solutions to merchants, banks and financial institutions have a strict requirement to maintain security and regulatory compliance.
Agile is on trend these days. Even the people who opposed agile in the past have now jumped on the bandwagon and actively campaign for going Agile while not always understanding what that means—and often inserting the same nonagile obstacles they have been practicing into their version of Agile audit.
Managing cybersecurity and technology risk is a major challenge for virtual banks. Although cyberattacks and a lack of system resilience can be detrimental for both traditional and virtual banks, they arguably have a greater impact on the latter.
