No items have been added to your cart yet
Security-as-Code can ensure that key security protocols and good practices are automated and integrated directly into all components of the software development lifecycle.
Best practices for password hygiene remain fluid as many professionals eye a future where passwords will no longer be a fixture on the security landscape
Organizations that do not prioritize building digital trust open themselves up to significant business and reputational risks, as underscored by ISACA's 2024 State of Digital Trust research.
The growing influence of artificial intelligence on the security landscape was top of mind for many presenters and attendees at the recent 2024 RSA Conference.
When it comes to the looming arrival of quantum computing, the creation of a new Turing machine will be the necessary starting point.
Many of the guardrails that exist in the context of human thinking are not in place for artificial intelligence, which presents a range of significant challenges.
Technology is neither inherently good or bad, but it can be addictive, and digital trust professionals have a role to play in countering the harms that can result.
A least-vendor strategy can bring big benefits to organizations as they undergo digital transformation projects that otherwise can become complex and strain resources.
Solving The First Conversation Problem in AI can go a long way toward companies having greater impact in leveraging the promising technology.
When properly designed and implemented, patient-centric digital healthcare brings transformative potential to healthcare patients around the world.
ISACA's Digital Trust Ecosystem Framework helps auditors and other digital trust professionals ensure that AI is implemented in a way that strengthens the organization and inspires trust with stakeholders.
While the typical cost of a standard SOC 2 audit is going down, the skill level required for auditors to effectively perform them is increasing.
A new ISACA course on artificial intelligence governance can help professionals learn to design, develop, implement and monitor trustworthy AI within their organization.
New ISACA survey data on artificial intelligence realities show that companies need to ramp up training and policies to deal with emerging risks from the powerful technology.
The COBIT framework can help organizations implement artificial intelligence more responsibly and in ways that ultimately will create more value for the enterprise.
The 2023 ISACA Annual Report provides updates on ISACA's finances, leadership and important progress made throughout the year by ISACA's global community.
There are several benefits for rising IT auditors to take the CISA exam even before they have the full years of experience required to complete their certification.
In preparing for an ATM security audit, auditors will need to prioritize understanding core governance and business processes impacting ATM management.
Sushila Nair, ISACA Technology for Humanity award-winner, sizes up the intersection of technology and humanity and what drew her to the cybersecurity field.
Artificial intelligence can help security professionals counter the threats from cyberattacks that also are increasingly boosted by AI.
ISACA volunteers share their motivations and career benefits they have received through their volunteer activities.
The Vanity Address Attack is an under-the-radar automation capable of confusing blockchain users and opening the door to digital fraud.
Embracing change, drawing inspiration from others and staying curious are among the recipes for success and longevity in the audit profession.
Cloud misconfigurations and insecure APIs are among the major threats to cloud computing infrastructure that need to be remediated.
Getting certain foundational, baseline control requirements right, including a tailored approach to risk management, benefits organizations of all types.
Artificial intelligence can be a constructive force on the jobs landscape, especially for those in digital trust professions, with the right approach and commitment to ongoing learning.
Digital Trust Ecosystem Framework expert Mark Thomas recently shared his perspective on DTEF and digital trust during an Ask Me Anything conversation on ISACA's Engage community.
The evolving risk and technology landscapes has made the knowledge and expertise of the CRISC credential all the more valuable for risk practitioners.
The COBIT framework can be useful for enterprises as they look to responsibly operationalize and govern artificial intelligence.
Limited resources, misaligned priorities, lack of awareness, complexity of IT ecosystems and regulatory pressures are among the factors that make risk management especially challenging for small and medium-sized enterprises.
The 2024 CMMI Conference will spotlight recent updates and improvements that position the CMMI community for increasingly high impact.
The ISACA China Hong Kong Chapter contributed to a panel discussion with a focus on the potential impact of cyber commanders in the security governance ecosystem.
ISACA Foundation Women's Month Scholarship Award winners share their motivations and future ambitions for making their mark on digital trust professions
A new ISACA resource on artificial intelligence provides valuable insights applicable both to those beginning their journeys in AI as well as those with knowledge and experience.
Asking the right questions and meaningfully addressing business challenges through analytics can set internal auditors on the right path toward establishing a culture of data
Lessons learned from theft prevention in a retail environment have surprising relevance when it comes to compliance and access management.
The information you upload in a public AI engine is public domain from the moment you press enter: what are the consequences for IT and corporate governance?
Whether optimizing coverage in your compliance program, identifying similar risks across various business units or seeking more efficient risk management, AI-driven insight can help to connect the dots.
The convergence of artificial intelligence and cloud computing offers big opportunities for organizations alongside potential security and privacy risks.
ISACA's SheLeadsTech program has a refreshed focus and renewed commitment to offering expanded opportunities for women to make their mark on digital trust professions.
Protecting individuals' identities in the aftermath of a privacy incident begins with important communication from banking, credit, government and employment organizations.
The Digital Trust Ecosystem Framework and COBIT work well in tandem, with each playing a significant role in allowing organizations to build a stronger foundation for success.
Oleksii Baranovskyi, of Ukraine, recipient of the ISACA Educational Excellence Award, is proud to simultaneously be a security professional and an educator.
Cybersecurity leaders should be mindful of the composition of their security teams, including common characteristics of Gen Z cyber professionals, when devising their approaches to leadership.
Mitigating the technology and information security risks from terminating third parties calls for organizations to formulate nuanced security strategies.
A major breach in France reinforces the need for sharpened security practices and the overarching imperative to drive toward strengthening digital trust.
Ransomware often targets small-to-medium enterprises, so security teams need to take action to be more prepared for this potentially devastating line of attack.
The Cybersecurity Maturity Model Certification standard helps businesses to examine their computing ecosystem and enhance capabilities for stronger supply chain resilience.
As regulatory frameworks for the AI era continue to evolve, governments around the world will need to find a shared sense of purpose and collaborate on the best way forward.
Accounting for key characteristics of trustworthiness and considering perspectives from a range of stakeholders are among the needed ingredients to strengthen AI governance.
Avoiding these light-hearted 'tips' for preparing for the CISA exam will put you in better position for a successful exam-day experience.
Responsible development of artificial intelligence that recognizes the need for a balance between AI and human capabilities is the path to ensure the powerful technology's good outweighs the bad.
By asking the right questions around people, processes and technical controls, auditors can gather the evidence and documentations they need to successfully audit social engineering.
Prioritizing comprehensive cybersecurity strategy in support of overarching enterprise goals can position enterprises for success, even amid challenging threat and regulatory environments.
Court rulings that AI cannot be granted patents provided needed short-term clarity but there are still many open questions about how AI should be viewed in legal, ethical and practical contexts.
Technology-minded countries around the world can learn a lot from Rwanda, which, despite limited resources, has become a digital benchmark through an impressive set of initiatives and ingenuity.
Identifying the flows, assets and vulnerabilities are among the key building blocks when threat modeling for software applications.
Artificial intelligence is a human creation that reflects the people who developed it, meaning we must guard against humans' shortcomings and biases resulting in AI furthering inequality and other societal harms.
Global cybersecurity practitioners share their perspectives on Australia's new cyber shields strategy to provide more robust protection of digital assets in the coming years.
Ill-designed controls can waste organizations' time and resources, so make sure implementing controls is more than just a power move.
Organizations implementing artificial intelligence into their operations will need strong governance in place to ensure transparency and trust in their AI usage.
When executed properly, risk and control self-assessments become enablers for organizations to more effectively navigate the risk management landscape.
As the intersection between cybersecurity and privacy increases, security professionals can benefit from gaining a solid understanding of core privacy terminology and privacy principles.
Challenges on the privacy landscape can be successfully addressed through upskilling, privacy by design principles and solid training and awareness programs.
The ISACA Mentorship Program has proven to be rewarding for mentors and mentees alike, allowing for valuable connections to propel ISACA members' careers to new heights.
Focusing attention on understanding and building confidence in post-quantum cryptography now can save the security community major problems in the years to come.
ISACA’s Digital Trust Ecosystem Framework (DTEF) empowers organizations to build and sustain digital trust in the age of artificial intelligence and other impactful technological advancements.
An identity system based on trust in a third party could better protect personal data and improve trust throughout the digital ecosystem.
New ISACA digital trust resources, thought leadership, and upcoming events, both in-person and virtual, are among the coming attractions in 2024 for the ISACA community.
Promoting a culture of ongoing learning and upskilling is part of the equation for organizations looking to develop a more capable and resilient workforce
Defining and articulating a clear strategy for a security operations center (SOC) will make it much more likely that organizational leaders and other key stakeholders will support the SOC on an ongoing basis.
Given its focus on human behavior in an organizational change context, change management can lead to a fresh and valuable perspective on cybersecurity