In today’s digital era, cybersecurity transcends mere IT concerns to become a cornerstone of organizational integrity. The evolution of cyber threats demands that organizations not just react but proactively manage these risks. Here lies the critical part of internal audit, a strategic ally in fortifying an organization’s cyber defenses. Here Read More
A new survey is taking a look into the future to consider what the top risks may look like in 2034. The survey, conducted by Protiviti, finds that cybersecurity and risks from emerging technology are likely to still be at the center of risk management efforts in the next decade. Read More
For the modern IT auditor, the digital landscape is a battleground. The enemy is a battalion of ever-evolving threats, and our weapons are layered defenses built on meticulous analysis and proactive vigilance. This constant state of war demands laser focus on the areas where our defenses are most likely to Read More
In the relentless chess match between defenders and attackers on IT systems, traditional security solutions are beginning to show their fatigue. Static rules and signatures miss evolving threats, while broad-brush defenses often sacrifice performance for security. Enter Context-Sensitive Defense (CSD), a new frontier in cybersecurity that promises to adapt and Read More
As the scale of emerging technology risks facing companies continue to multiply, IT auditors play a key role in identifying these threats and helping their organizations to navigate them. A new survey conducted by Protiviti and The Institute of Internal Auditors (IIA) reveals which risks are keeping IT auditors up Read More
Artificial intelligence applications like ChatGPT are becoming common tools in the workplace to do everything from generating job descriptions, writing and editing reports, and to managing schedules (See related article, “How Employees Are Using ChatGPT on the Job“). But the apps aren’t perfect. In fact, they can be error prone Read More
Imagine this scenario: Your organization is hit with a sophisticated ransomware attack. The team reluctantly agrees to pay the ransom (in bitcoin, of course) and your data-recovery efforts spring into action to get the organization back up and running. But to everyone’s horror, much of the data is missing and Read More
The LSU Center for Internal Auditing, a university-based internal audit education program, is expanding to include a greater focus on cybersecurity risk and environmental, social, and governance (ESG) issues. In recognition of these changes, the program has been renamed the LSU Center for Internal Auditing & Cybersecurity Risk Management (LSUCIA&CRM). Read More
GUEST BLOG Over my long career, I have often heard, in one form or another, the phrase: “You just can’t audit that!” The first time I heard it came when I was an internal audit manager for a financial institution. The senior vice president for human resources said she was Read More
GUEST BLOG: One of the challenges when it comes to so-called “cybersecurity risk” is in accepting and then applying the idea that cyber is not an “IT risk.” No. It’s a business risk. That is easy to say, and it makes all the sense in the world. However, people tend Read More
