Beste bezoeker, u bezoekt onze website met Internet Explorer. Deze browser wordt niet meer actief ondersteund door Microsoft en kan voor veiligheids- en weergave problemen zorgen. Voor uw veiligheid raden wij u aan om een courante browser te gebruiken, zoals Google Chrome of Microsoft Edge.
Close this search box.

Category: ISACA NL Journal

  • ISACA NL Journal ·

What it means to be a True Auditor

By ir. Marc van Meel The rise of Artificial Intelligence (AI) presents both opportunities and challenges for the auditing profession. Audit professionals now regularly encounter AI systems, be it within…
  • ISACA NL Journal ·

From Excel to Excellence: Revitalizing IT Risk Strategies for a Future-Ready Landscape

By Dave van Stein & Yianna Paris - Effective IT risk management is necessary to safeguard valuable assets, achieve organizational objectives, and ensure long-term success. When done properly, it is a crucial tool for informed decision-making. However, keeping up has become challenging in the modern fast changing world of Agile, cloud infrastructure, the massive use of external dependencies and complex and opaque supply chains, and daily changing threats.
  • ISACA NL Journal ·

Nieuwe IIA-standaarden tillen het beroep naar een hoger niveau

Door Peter Hartog - Het Instituut van Internal Auditors (IIA) heeft de nieuwe Global Internal Audit Standards (GIAS) uitgebracht. Zij beogen het beroep naar een hoger niveau tillen, en de grondslag te zijn voor de internal auditfunctie (IAF) van de toekomst. In dit artikel wordt ingegaan op hoe dit wordt gedaan, en worden de belangrijkste veranderingen beschreven.
  • ISACA NL Journal ·

The Nuts and Bolts of achieving security compliance

By Erwin Laros, Karthik Rajagopalan & Yuri Bobbert - The information security requirements from the regulatory bodies overseeing the financial industry lack information on how these requirements and guidelines can be implemented in an Agile/DevOps environment and the (cloud) infrastructure supporting it. Working per these requirements is a prerequisite for maintaining a banking and insurance license. Besides the business necessity of maintaining the license, the risks of working in an Agile/DevOps environment are similar to working in a more traditional environment; thus, not mitigating those risks would lead to an unacceptable risk position. Upcoming regulatory requirements in the Financial Industry bring extra complexity. This paper examines the DevOps and Agile dynamics, the regulatory requirements and what is lacking in the current approaches. We finish with some Nuts and Bolts of the current way of working in supervision and achieving real security and compliance for the financial industry.
  • ISACA NL Journal ·

Armed against ransomware

By Martijn Timmerman & Robbert Schravendijk - Nowadays, the functioning of many organizations is based on information and communication technology (Bada & Nurse, 2019; Camastra et al., 2011). Until recently, a lock on the door was enough to secure information such as business administration, customer base, and finances. However, SMEs are more likely to fall prey to cyber criminals. One of the biggest threats to business and government is ransomware, also known as ransomware (Yuryna Connolly et al., 2020). This article will describe the do's and don'ts in the field of cybersecurity for SMEs based on empirical research, with a deep dive into preventing and limiting the impact of ransomware.
  • ISACA NL Journal ·

Impact of COVID-19 on Cyber Security strategies in the utilities sector

By Laurens Dewit, Bob Leysen & Yuri Bobbert - The utility sector increasingly relies on interconnected industrial control systems and networks to streamline operations. The crucial role these utilities play in our daily lives, ranging from electricity to water and gas supply, underlines the critical significance of robust cybersecurity measures within the sector. With the increase of smart devices and intelligent infrastructure (e.g. Smart Grid), the vulnerability of these systems to cyber threats has intensified, posing potential risks such as data breaches, service disruptions, and even possible sabotage.
  • ISACA NL Journal ·

How to gain more “Bang for the Buck”: Quantifying risk with random simulations

By Vincent van Dijk and Yuri Bobbert - In an era where data breaches are becoming more frequent and expensive, understanding and preparing for the financial implications of such incidents is crucial. This article aims to provide a detailed approach to calculating the costs associated with data breaches, enabling organizations to make informed decisions about their defense strategies and budget allocations.
  • ISACA NL Journal ·

Succesfactoren voor DevSecOps in agile software development

Auteurs: Mirna Bognar, Nico Kaag, Susan Schaeffer - Zeggen dat DevSecOps zijn passie is gaat Nico Kaag te ver. Maar hij zou wel graag zien dat security een vast onderdeel wordt bij (agile) softwareontwikkeling. In de praktijk ziet Nico namelijk nog vaak dat softwareontwikkelaars uitstekend software kunnen ontwikkelen, maar onvoldoende aandacht hebben voor security.
  • ISACA NL Journal ·

The start of the Digital Security Transformation

Editorial by Barry Derksen - With the recent developments in IT such as generative AI, new risks arrive in our landscape. At the same time IT risk and security often feel themselves as chasing the business owners on the importance to mitigate the risks, protect the organization and sometimes even as a police officer stating an employee went through the red light.

We gebruiken functionele en analytische cookies om ervoor te zorgen dat de website optimaal presteert. Als u doorgaat met het gebruik van deze site, gaan we ervan uit dat u hiermee akkoord gaat. Meer informatie vindt u in onze Privacyverklaring.