Home / Resources / News and Trends / Industry News / 2023

Domain:

More Filters
Card List
Justin Rende
Security Article

Track These 7 Trends for Proactive Cybersecurity in 2024

As 2024 looms near, digital threats are expected to increase in sophistication. Consequently, the tools and strategies cyberprofessionals use to counter them must also adapt.

26 December 2023
Chris McGowan
Security Article

Quishing: The Invisible Threat in QR Code Technology

When quishing occurs, unsuspecting individuals are lured into scanning malicious QR codes that link to fraudulent websites or malware downloads. Awareness surrounding this new threat must be raised to protect personal data and digital safety.

19 December 2023
Sadiq Nasir
Security Article

Rethinking Cybersecurity Training to Build a Resilient Workforce

There is much to be gained by exploring various approaches to ensuring benefits realization for any cybersecurity training program.

12 December 2023
James Allman-Talbot
Security Article

The Grim Reality of a Cyberattack: From Probability to Certainty

The outlook is grim for organizations that wish to keep their data secure. It is necessary to understand practical methods for reducing the impact of suffering from an attack.

5 December 2023
Michalis Kamprianis
Risk Article

Third-Party Risk Management: The Security Blind Spot No One Wants to Discuss

Third-party risk analysis services and customer security questionnaires are no longer sufficient for risk management. Trust professionals must explore alternative solutions for mitigating risk.

28 November 2023
Arunava Banerjee
Risk Article

Optimizing Risk Transfer for Systematic Cyberresilience

As security professionals navigate the present cyberthreat horizon, it is crucial to understand the emerging dangers and fortify digital defenses with cyberinsurance to ensure a secure digital future.

21 November 2023
Fene Osakwe
Audit Article

Three Skills for Succeeding as an IT Auditor in the 21st Century

There are 3 skills that a modern IT auditor must possess to add value to the technology teams being audited and to avoid being seen through a negative lens by senior leadership.

14 November 2023
Sunil Arora
Security Article

From Chaos to Confidence: The Indispensable Role of Security Architecture

Similar to a high-rise building, a cybersecurity defense needs a solid foundation to avoid putting long-term stability at risk.

7 November 2023
Meghan Maneval
Privacy Article

What the Past Tells Us About the Future of Privacy in the United States

Because information can be replicated, exfiltrated or deleted in a matter of seconds, consumers and organizations need to implement steps to prevent, detect, respond to and remediate data breaches.

6 November 2023
Jack Freund
Security Article

What Is Considered a Material Cyberrisk Under the New US SEC Rules?

The cyberevent disclosure rules introduced by the US SEC in July 2023 have sparked a wave of concern among cybersecurity professionals and BoDs.

2 November 2023
Oliver Kling
Security Article

The Importance of Security Logistics in Software Development

Organizations must understand how security measures work, are implemented and behave—and under which circumstances they fail.

31 October 2023
Safia Kazi
Privacy Article

Legally Permissible Does Not Mean Ethical

Treating compliance as an aspiration and collecting excessive amounts of information is harmful to consumers; privacy professionals must help their enterprises’ privacy practices be more ethically focused.

30 October 2023
How Rising Professionals Can Obtain Coveted Expertise in Emerging Tech
Emerging Technology Article

How Rising Professionals Can Obtain Coveted Expertise in Emerging Tech

Companies increasingly are on the lookout for new professionals with skills and background in emerging technologies and how to implement them in the enterprise setting.

26 October 2023
Singirikonda Manikanta
Security Article

Redefining Cybersecurity Education

Industry news offers a dynamic and up-to-date source of information that can help bridge the knowledge gap and redefine cybersecurity education.

24 October 2023
Zachary Folk
Security Article

What Enterprises Need to Know About ChatGPT and Cybersecurity

It is the responsibility of security professionals to act now to determine how to safely leverage AI—if they wish to do so at all.

17 October 2023
Arun Mamgai
Emerging Technology Article

Generative AI With Cybersecurity: Friend or Foe of Digital Transformation?

Generative AI requires significant training and cultural change to ensure confidential data is not compromised, and the security data model training infrastructure requires significant investment and strong business support.

16 October 2023
Ivan Mans
Security Article

Profiling a SAP Hacker

To mitigate the risk of cyberattacks, organizations must keep their SAP systems up-to-date with the latest security patches and updates.

10 October 2023
information security
Emerging Technology Article

The Human and AI Partnership: Collaborating for Enhanced Cybersecurity

Both generative AI and precision AI hold promise in helping organizations defend against ever more sophisticated cyberattacks.

6 October 2023
Deneen Richard, CISA, CRISC, CRMA
Audit Article

Internal Audit Data Analytics for Beginners

There are 2 phases and associated steps that auditors can take to begin the journey of utilizing data analytics.

26 September 2023
James Huang
Security Article

Improving Security While Enabling Market Access With a CCF

Cloud service providers should consider creating a common cloud controls framework—a central information security compliance and certification methodology that can include certifications such as SOC 2, ISO 27001, C5, ENS, ISMAP, IRAP, and more.

19 September 2023
Safia Kazi
Privacy Article

The Privacy Pros and Cons of Anthropomorphized AI

There are privacy-related pros and cons to anthropomorphized AI, and certain considerations need to be made for enterprises that leverage consumer-facing generative AI.

14 September 2023
Patrick Barnett
Security Article

Seventy Questions to Assess Cybersecurity Risk on a Rapidly Changing Threat Landscape

There are 70 questions that can be asked to determine whether an enterprise has most defensive principles covered and has taken steps to reduce risk (and entropy) associated with cybersecurity.

12 September 2023
Jai Sisodia
Governance Article

Understanding the EU AI Act

By examining the nuanced details of the EU AI Act, IT auditors and other information security professionals can better understand how it might affect their future work.

6 September 2023
Eric Peck
Risk Article

Tools and Best Practices for Improving IT Issue Management

It is worth exploring the importance of IT issue management and highlighting best practices and tools that organizations can use to understand, measure and mitigate IT risk.

29 August 2023
Industry News
Security Article

An Executive View of Key Cybersecurity Trends and Challenges in 2023

To more effectively defend against attacks, it is important for cyberprofessionals to understand current trends and challenges that exist in the field of cybersecurity.

22 August 2023
Safia Kazi
Privacy Article

Lessons Learned From a Controversial Terms of Service Update

Enterprises are obligated to have clear and up-to-date terms of services in place.

17 August 2023
Amanda Tucker
Audit Article

How IT Auditors Can Embrace Neurodiversity in the Workplace With Agile

With the right environment and a handful of changes, neurodivergent individuals can be assets to any audit team.

15 August 2023
Carol Lee, Terence Law, Tom Huang and Lanis Lam
Governance Article

Navigating Regulatory Trends and Best Practices for Ethical AI Governance in Mainland China

It is essential for organizations and technology risk professionals to understand the evolving AI regulatory landscape shaping the future of AI in Mainland China.

14 August 2023
Lisa Levy
Privacy Article

Afraid of Leaking Business Data? Sit Down. We Need to Have "The Talk" About Data Management and Access Control

Data management and access control measures should be integrated into every aspect of an organization's operations, creating robust defenses against data leaks.

8 August 2023
Chris McGowan
Emerging Technology Article

Generative AI and the Potential for Nefarious Use

Organizations must be aware and ready to combat the possibility of generative AI being used to conduct cyberattacks.

1 August 2023
Bassel Kablawi
Risk Article

Reviewing the 2023 OWASP API Top 10

To ensure that enterprises are not subjected to the nightmare that is an API security breach, the updated OWASP API Top 10 list is worth examining.

1 August 2023
Safia Kazi
Privacy Article

Protecting Children and Privacy Is Not a Zero-Sum Game

Privacy professionals who can be advocates for privacy and encourage people to think more critically about what is posted online can help create an online experience that protects children and preserves privacy.

26 July 2023
Chris Madeksho
Risk Article

Managing Human Risk Requires More Than Awareness Training

A comprehensive information security awareness program must be in place to ensure that employees are aware of and educated about the threats they may encounter at the workplace.

18 July 2023
Chris McGowan
Security Article

The US SEC’s Proposed Cybersecurity Crackdown

The SEC has proposed amendments aimed at bolstering and standardizing the disclosure requirements related to cybersecurity risk management, strategy, governance and incident reporting for public companies.

12 July 2023
Adeline Chan
Governance Article

The EU AI Act: Adoption Through a Risk Management Framework

The AI Act is an important step in the development of an effective and responsible regulatory framework for AI in Europe.

10 July 2023
Keri Bowman
Governance Article

The Interplay of IGA, IAM and GRC for Comprehensive Protection in Cloud Transitions

It is critical that organizations pay attention to the significance of governance, risk and compliance in their identity and access management journey.

6 July 2023
Chris McGowan
Risk Article

Where Data and Behaviors Meet: The Internet of Behaviors

As is the case with any new technology, IoB has both benefits and risk

5 July 2023
Rethinking IT Asset Valuation
Risk Article

Rethinking IT Asset Valuation, Risk Assessment and Control Implementation

Risk management and evaluation are critical to every enterprise’s strategic planning for information security.

20 June 2023
Beatrice Nepoti and Cristiano Passerini
Emerging Technology Article

AI Systems Training Pause Sought

The decision of the GPDP to inhibit the use of an innovative tool based on generative AI, such as ChatGPT, may seem questionable; therefore, it is important to understand the motivation.

13 June 2023
Laura Zannucci
Audit Article

The Increasing Importance of IT Audits to the BoD

How can the BoD ensure that it is adequately meeting requirements? One of the best ways to identify gaps in what an organization is doing vs. what it is expected to do is to conduct a thorough IT audit.

6 June 2023
Meng Fai Chan
Emerging Technology Article

Navigating the Hype and Risk of Emerging Technologies

By taking a risk-informed approach, security and risk professionals can navigate the path forward in a way that balances the potential benefits of emerging technologies with the risk they may pose.

25 May 2023
Denise Owens
Audit Article

Managing Data Privacy and Information Security With IT Audits

Ensuring that data are protected and secured in the most efficient and economical manners possible are constant battles due to the increasing sophistication of cybersecurity threats and the amount of data protection regulations.

23 May 2023
Diego Fratus, CISA, CIA, CCSA, CRMA and Cedric Blotin, CISA
Audit Article

What the Post-Pandemic Future Holds for IT Auditors

COVID-19 acted as a catalyst that accelerated digital transformation, modified how brands interact with their customers and disrupted IT audit practices.

9 May 2023
Jon Brandt
Emerging Technology Article

Generative AI: The Future Is Now, and It’s Risky

Far too many users are starstruck by AI capabilities and are putting enterprises at substantial risk.

4 May 2023
Adeline Chan
Emerging Technology Article

Can AI Be Used for Risk Assessments?

To produce risk assessments with more accuracy, artificial intelligence (AI) can be used because one of its core competencies is data aggregation and interpretation.

28 April 2023
Kurt Markley
Risk Article

Data Recovery Pitfalls to Avoid

There are 4 common false beliefs that should be dispelled to better protect organizations and their data.

25 April 2023
Sophia Bekele
Emerging Technology Article

Breaking Through the Barriers of Leadership

Although traditional gender dynamics and systemic inequality create substantial obstacles that are preventing women from achieving parity in leadership roles within the metaverse, there are also ways for women to break through barriers.

20 April 2023
Patrick Barnett
Security Article

How Organizations Can Consistently Reduce Cyberrisk

Cyberrisk is an ever-changing parameter that requires constant analysis and is difficult to quantify.

11 April 2023
Chris McGowan
Risk Article

Social Media as a Growing Threat to the Workplace

Failing to prioritize the security and privacy of a social media account can result in negative consequences spanning both the personal and professional worlds.

28 March 2023
Belinda Mueller
Emerging Technology Article

Understanding and Mitigating the Risk of AI vs. Traditional Software

It is crucial to understand what makes AI so different from traditional rule-based systems and how to address these differences.

27 March 2023
Paul Philips
Risk Article

A Road Map to Breaking Down Zero Trust Barriers

Zero trust provides an enterprise the opportunity to create a more robust and resilient security posture, simplify security management, improve the end user experience and enable modern IT practices.

14 March 2023
Maria Sommerhalder
Emerging Technology Article

Standardization and Audit in the Blockchain Space

Standardization and audits play a crucial role in in mitigating the risk that organizations potentially face when implementing blockchain emerging technology.

14 March 2023
Yunique Demann
Privacy Article

Separating Privacy Awareness From Security Awareness Training

Having a privacy and security awareness training program is better than not having one at all, but having two focused programs addressing high-risk topics is beneficial to not only organizations, but employees as well.

13 March 2023
Industry news
Governance Article

Why Are Regulations Demanding SBOM Adoption?

With the rise of software-based products, regulators have quickly implemented new standards to help manage the complexities of the software supply chain.

6 March 2023
Mary Carmichael
Privacy Article

The Difference Between Data Privacy and Data Security

When it comes to data privacy, most people think about recent events such as TikTok’s data harvesting activities, Cambridge Analytica’s use of Facebook data without consent and new privacy regulations being introduced globally.

28 February 2023
Patrick Barnett
Security Article

Prepare for Success by Planning for Threat Actor Eviction

Before returning to business as usual after a breach, enterprises must ensure that all threat actors have been evicted from the network and are not able to enter again

28 February 2023
Sophia Bekele
Risk Article

The Role of Transparency and Accountability in Digital Transformation

Understanding the benefits of adopting transparency and accountability within an organization is key to digital transformation.

22 February 2023
Jannie Wentzel and Elissa Mckinley
Risk Article

Integrated Risk Management in an Interconnected World

In this integrated world, it is no longer enough for an enterprise to manage risk strictly within its own borders.

14 February 2023
Ray Payano
Risk Article

Using a Risk-Based Approach to Prioritize Vulnerability Remediation

By calculating vulnerability risk, enterprises can prioritize vulnerabilities based on risk level to help determine the order in which vulnerabilities are addressed.

7 February 2023
Meghan Maneval
Risk Article

What Kind of Glasses Are You Wearing? Your View of Risk May Be Your Biggest Risk of All

The beginning of a new year is the perfect time to reflect on the past year and assess any industry trends or upcoming events that could impact organizations.

31 January 2023
Patrick Barnett
Security Article

Common Misconceptions About Modern Ransomware

There are many misconceptions about ransomware attacks, often due to enterprises’ failure to adapt to changes in threat group tactics, techniques and procedures (TTPs).

24 January 2023
Sandra Kuyengwa
Audit Article

Key Considerations for Conducting Remote IT Audits

While remote auditing is nothing new, the COVID-19 pandemic and resulting need for social distancing fast-tracked the adoption of remote and hybrid audits.

17 January 2023
Justin Rende
Security Article

Eight Cybersecurity Trends to Watch for in 2023

As 2023 approaches, it is an opportune time for organizations of all sizes to examine their IT infrastructure and review their cybersecurity policies.

10 January 2023
Jonathan Tomek
Security Article

What Is Your IP Address Cybersecurity IQ?

Now more than ever, security professionals need a thorough understanding of the IP addresses that seek to access their networks.

3 January 2023