- ISACA NL Journal ·
The AI <> Frikandel Conundrum
By Daniela de Almeida Lourenço, MSc, CISM, CISSP, C|CISO - Artificial Intelligence (AI) is a field of work that has seen immense breakthroughs in the last few years, given its application in the tangible world. AI Technology already indicates a dramatic shift in human resource management and technology dependency. Notwithstanding the advantages, the implementation of this technology without a mature and informed strategy may not be as beneficial as imagined and, in some cases, counterproductive. What does this have to do with the Netherlands' favourite deep-fried snack? This article will share insights on the risks of rushed AI adoption and provide recommendations to assist in the governance of this emerging technology.
- ISACA NL Journal ·
Cyber Crisis? Geen Paniek!
Een cybercrisis is onvermijdelijk; vroeg of laat wordt iedere organisatie slachtoffer van een aanval, zegt Kelvin Rorive, mede-oprichter van het Cyber Chain Resilience Consortium, CCRC. In het boek 'Cyber Crisis? Geen Paniek! We hebben immers geoefend' laat het CCRC zien hoe je een goede analyse van het bedrijf kunt maken en op basis daarvan een oefenplan opzet. In ons nieuwste ISACA NL Chapter Journal artikel licht Kelvin één ander toe.
- ISACA NL Journal ·
Cyber Booked: 5 Cybersecurity authors in the spotlights
On the 23rd of May 2024, the Dutch Chapters of ISACA, ISC2 and OWASP together with the Secure Software Alliance (SSA) hosted a successful fully booked First Edition of Cyber Booked, a unique event showcasing predominantly Dutch authors of Cybersecurity books. The turnout was great, and everybody was excited to learn from the authors!
- ISACA NL Journal ·
What it means to be a True Auditor
By ir. Marc van Meel - In this era defined by digital transformation, the question arises: what essential skills must auditors, particularly those specializing in IT, cultivate to preserve trust and integrity within our rapidly digitizing society?
- ISACA NL Journal ·
In 2120 the human brain is integrated with a CPU, let’s start to secure IT
By prof. dr. Barry Derksen At the end of January 2024, Neuralink (company of tech millionaire Elon Musk) implanted a brain chip in a man who had been paralyzed from…
- ISACA NL Journal ·
From Excel to Excellence: Revitalizing IT Risk Strategies for a Future-Ready Landscape
By Dave van Stein & Yianna Paris - Effective IT risk management is necessary to safeguard valuable assets, achieve organizational objectives, and ensure long-term success. When done properly, it is a crucial tool for informed decision-making. However, keeping up has become challenging in the modern fast changing world of Agile, cloud infrastructure, the massive use of external dependencies and complex and opaque supply chains, and daily changing threats.
- ISACA NL Journal ·
Nieuwe IIA-standaarden tillen het beroep naar een hoger niveau
Door Peter Hartog - Het Instituut van Internal Auditors (IIA) heeft de nieuwe Global Internal Audit Standards (GIAS) uitgebracht. Zij beogen het beroep naar een hoger niveau tillen, en de grondslag te zijn voor de internal auditfunctie (IAF) van de toekomst. In dit artikel wordt ingegaan op hoe dit wordt gedaan, en worden de belangrijkste veranderingen beschreven.
- ISACA NL Journal ·
The Nuts and Bolts of achieving security compliance
By Erwin Laros, Karthik Rajagopalan & Yuri Bobbert - The information security requirements from the regulatory bodies overseeing the financial industry lack information on how these requirements and guidelines can be implemented in an Agile/DevOps environment and the (cloud) infrastructure supporting it. Working per these requirements is a prerequisite for maintaining a banking and insurance license. Besides the business necessity of maintaining the license, the risks of working in an Agile/DevOps environment are similar to working in a more traditional environment; thus, not mitigating those risks would lead to an unacceptable risk position. Upcoming regulatory requirements in the Financial Industry bring extra complexity. This paper examines the DevOps and Agile dynamics, the regulatory requirements and what is lacking in the current approaches. We finish with some Nuts and Bolts of the current way of working in supervision and achieving real security and compliance for the financial industry.
- ISACA NL Journal ·
Armed against ransomware
By Martijn Timmerman & Robbert Schravendijk - Nowadays, the functioning of many organizations is based on information and communication technology (Bada & Nurse, 2019; Camastra et al., 2011). Until recently, a lock on the door was enough to secure information such as business administration, customer base, and finances. However, SMEs are more likely to fall prey to cyber criminals. One of the biggest threats to business and government is ransomware, also known as ransomware (Yuryna Connolly et al., 2020). This article will describe the do's and don'ts in the field of cybersecurity for SMEs based on empirical research, with a deep dive into preventing and limiting the impact of ransomware.
- ISACA NL Journal ·
Impact of COVID-19 on Cyber Security strategies in the utilities sector
By Laurens Dewit, Bob Leysen & Yuri Bobbert - The utility sector increasingly relies on interconnected industrial control systems and networks to streamline operations. The crucial role these utilities play in our daily lives, ranging from electricity to water and gas supply, underlines the critical significance of robust cybersecurity measures within the sector. With the increase of smart devices and intelligent infrastructure (e.g. Smart Grid), the vulnerability of these systems to cyber threats has intensified, posing potential risks such as data breaches, service disruptions, and even possible sabotage.
- ISACA NL Journal ·
How to gain more “Bang for the Buck”: Quantifying risk with random simulations
By Vincent van Dijk and Yuri Bobbert - In an era where data breaches are becoming more frequent and expensive, understanding and preparing for the financial implications of such incidents is crucial. This article aims to provide a detailed approach to calculating the costs associated with data breaches, enabling organizations to make informed decisions about their defense strategies and budget allocations.
Contributing authors
- Editorial by Barry Derksen ‘In 2120 the human brain is integrated with a CPU, let’s start to secure IT’
- Dave van Stein & Yianna Paris – ‘From Excel to Ecellence: Revitalizing IT Risk Strategies for a Future-Ready Landscape’
- Peter Hartog – ‘Nieuw IIA-standaarden tillen het beroep naar een hoger niveau’
- Erwin Laros, Karthik Rajagopalan & Yuri Bobbert – ‘The Nuts and Bolts of achieving security compliance’
- Martijn Timmerman & Robbert Schravendijk – ‘Armed against ransomware’
- Laurens Dewit, Bob Leysen & Yuri Bobbert – ‘Impact of COVID-19 on Cyber Security strategies in the utilities sector’
- Vincent van Dijk & Yuri Bobbert – ‘How to gain more “Bang for the Buck”: Quantifying risk with random simulations’
Colophon
The ISACA NL Journal is written by members of ISACA Netherlands Chapter.
The Board of ISACA Netherlands Chapter offers ISACA members the opportunity to submit written works (articles, books, research reports) on ISACA-related subject matter topics for publication. The ISACA NL Chapter Review Board assesses the content of the submitted documents. After approval of the Review Board, the work in our online Journal.
Interested in submitting an article for our next Journal? Contact editor in chief Susan Schaeffer or submit your work directly to the Review Board.
Review Board
The Review Board is formed by the board of ISACA NL Chapter and consists of:
Barry Derksen
Chairman
Review Board
Mirna Bognar
Member
Review Board
Eric Mantelaers
Member
Review Board
Leon Yap
Member
Review Board