As the business world changes at an accelerating rate, auditors need to keep up or risk becoming irrelevant and unable to provide the insight that will allow their organizations to succeed. That means they’ll need to continually add to their skills and knowledge.
Latest Content From MISTI
The context around security events is essential to qualify if those events are false positives or worthy of a security response. However, today security operations are predominantly focused on event monitoring and rely on security analysts to reconstruct context.
As organizations continue to evolve and innovate, new risks arise. Meanwhile, the larger business environment continues to change, often rapidly and in unexpected ways. This places new demands on the internal audit function.
GDPR was a major focus for many organizations this year. Whether it has been extensive business process mapping, understanding the purposes of personal data, or defining its scope. But now that it's here, what should security professionals focus on next?
Organizations are accumulating large amounts of data and internal auditors are rapidly increasing their mining for, and use of, these sizable data sets. This proliferation of data raises the question of how to extract meaning from it all.
Threat intelligence expert Dave Ockwell-Jenner discusses how organizations have changed the way they approach threat intelligence, and provides the primary Dos and Don’ts associated with developing a successful threat intelligence program.
Blockchain has become the new buzzword of choice across a wide spectrum of industries, such as finance, tech, and the information security industry. However, what blockchain is and what its applications are still seem to be unclear. This article sets the record straight.
With distributed workforces and flexible workstyles, virtual team meetings are becoming commonplace in the internal audit function. Many times, though, virtual meetings aren’t taken with the same level of seriousness as in-person meetings are.
As the number of blockchain implementations continues to grow, internal auditors will need to learn about both the promise and risk this technology offers. So what exactly is blockchain technology and what does it mean to you as an internal auditor? This article answers that question.
Bugcrowd Founder Case Ellis discusses the evolution of bug bounty programs and their impact on information security, in addition to providing tips on the key areas to focus on when it comes to developing a bug bounty program at your organization.
If you’ve ever read or written a sentence along the lines of “Financial misstatement could lead to financial loss,” or “Non-compliance with policies” (what does that even mean anyway?), then read on for some tips to improve the risk statement.
Given the skills gap in information security, it's important for cybersecurity managers to diversify and expand the skill base of their team members. Here, we highlight how they can do it from a practical point of view.
The Cyber Threat Alliance’s Chief Analytic Officer Neil Jenkins provides update on the state of information sharing in 2018 and provides some insight on the steps security practitioners can take if they’re interested in sharing their threat data.
The value of a strong "tone at the top" cannot be underestimated as it can improve a company's performance. The benefits of a strong tone at the top should be of interest to leaders in all departments within every organization. Here's what you can do to evaluate it.