December 29, 2022 Schaumburg, Illinois–(BUSINESS WIRE)–The start of the new year marks not only digital trust professionals re-evaluating their roles and practices within their organizations, but also continuing to grow in their role. It provides a valuable opportunity to consider methods. In this light, an ISACA expert recently highlighted his 2023 insights and recommendations in the areas of privacy, cybersecurity, audit, and risk in a series of blog posts on the ISACA Now blog.
privacy
In this complex data privacy landscape, Dr. Lisa McKee, Director of Governance, Risk, Compliance, and Privacy at Hudl and member of the ISACA Emerging Trends Working Group, said experts are adopting Zero Trust privacy in data governance. recommended. Coming into the new year, the ComPriSec approach, or the fusion of compliance, privacy, and security. In a recent blog post, she emphasizes the important role of privacy engineers, but in addition to having strong privacy experts, consumers everywhere need to do their part, and the It also emphasizes that you should pay attention to his presence online.
“Privacy risk appetite is rarely discussed among boards and leaders. , privacy metrics, and reporting-focused programs.The need for these will increase in 2023 as the compliance landscape continues to evolve,” McKee said. say.
cyber security
In her blog post, Global Chief Information Security Officer Samantha Hart highlights the need for cybersecurity professionals to prepare on both a professional and personal level as they enter the new year. increase. Also this:
-
Develop a personal accident response plan that takes into account family life
-
Visit the office and connect face-to-face with colleagues
-
know the business
-
be flexible
-
Keeping people at the forefront while adopting technology and tools
“Yes, we need to fully understand the attack surface and make sure we have all the controls to detect and respond to it. We need to respond to alerts with human eyes to determine what is harmless and what is an attack,” says Hart.
audit
The changing technology landscape has realigned the business landscape, especially given the increase in cloud implementations accelerated by the pandemic.
“The biggest frustration for many leading information security professionals is the inability of the IT audit community to keep up with this rapidly changing environment and not yet fully upskill and adapt,” BDO USA recently blog post. “Looking ahead to 2023, traditional audit approaches used to assess legacy IT environments are irrelevant in today’s world of decoupled cloud-native architectures.”
Prasad highlights some areas auditors should focus on to gain an edge in the year ahead, including understanding cloud-native DevOps and managing cloud security postures, assessing privacy compliance, and gaining knowledge of vulnerability management and scope. Find out what for each type of vulnerability scan. In addition, he emphasizes the importance of auditors having strong soft skills in addition to technical skills.
Danger
Kerris Lee, ISACA Global Director of Enterprise Risk Management, notes that risk management professionals are actually doing more to de-duplicate risks, including enhancing risk identification and governance processes by de-duplicating risks. It provides tips to direct your attention to addressing high-impact, commonly-forgotten behavioral items. Risk management has a role in reviewing organizational policies, establishing incident response and business continuity plan reviews her cycles, and procurement and contracting processes. Additionally, in his post, he notes that seniors trying to set the right tone for the enterprise risk management role with his leadership at the top will go a long way in helping other members of the organization to understand and appreciate the function. Said it helps.
“There are many areas in which risk management professionals should focus in their day-to-day work, but in my experience these are often overlooked and can be detrimental to an organization over time,” says Lee. says Mr. “Small things often make a big difference, assuming you’re already doing big things well.”
For more insights from these four experts and others around the world, please visit www.isaca.org/blog. Digital Trust World 2023 will bring digital trust professionals together to discuss these and other priorities.
About ISACA
ISACA® (www.isaca.org) is a global community empowering individuals and organizations in their quest for digital trust. For over 50 years, ISACA has provided individuals and businesses with the knowledge, qualifications, education, training and community to advance their careers, transform their organizations and build a more trustworthy and ethical digital world. ISACA is a global professional association and learning organization that leverages the expertise of over 165,000 members working in areas of digital trust such as information security, governance, assurance, risk, privacy and quality. It is present in 188 countries with 225 chapters worldwide. ISACA supports her IT education and career paths for underresourced and underrepresented people through a foundation called One In Tech.
twitter: www.twitter.com/ISACANews
LinkedIn: www.linkedin.com/company/isaca
Facebook: www.facebook.com/ISACAGlobal
Instagram: www.instagram.com/isacanews
View source version at businesswire.com: https://www.businesswire.com/news/home/20221229005282/en/
contact address
Brigitte Dolfke, [email protected], +1.847.660.5554
Emily Ayala, [email protected], +1.847.385.7223
