ISACA Now Blog

Knowledge & Insights > ISACA Now

CCPA’s Do Not Sell: It’s Here, But What Does It Mean?

Alex Bermudez, CIPP/E, CIPM, Manager, Americas, OneTrust
Posted: 1/23/2020 11:31:00 AM | Category: Privacy | Permalink | Email this post

Alex BermudezSo, the California Consumer Privacy Act (CCPA) went into effect – and, the world didn’t burn. Companies have many issues to contend with, but one in particular has presented challenges to businesses that sell personal information. "Do not sell my personal information" requests (or opt-out requests), and confusion around what these really are, have many business leaders scratching their heads.

What is the CCPA Do Not Sell Requirement?
The CCPA provides several rights to California residents, including the right to opt-out of the sale of personal information. Specifically, California residents have the right to direct businesses to stop selling their personal information.

Complacency Presents a Glaring Career Risk

Posted: 1/16/2020 12:26:00 PM | Category: ISACA | Permalink | Email this post

Alison LevineEditor’s note: Alison Levine, First American Women's Everest Expedition Team Captain and a New York Times bestselling author of “On the Edge,” will be the opening keynote speaker at ISACA’s 2020 North America CACS conference, to take place 12-14 May in Baltimore, Maryland, USA. Levine draws upon her background in extreme adventuring to convey insights on leadership and overcoming difficult challenges. She recently visited with ISACA Now to provide her perspective on navigating fear and professional challenges. The following is a transcript, edited for length and clarity:

Another Buzzword Demystified: Zero-Trust Architecture

Bhanu Jagasia, PMP, CISSP, CISM, CISA, CRISC, CGEIT, CCSFP, CHQP, C|EH, C|BP, AWS CSAA, AWS CDA, AWS CSS, 3PAO Director of Commercial Sector and Practice Manager, Bachelor of Science (B.S) - Information Systems, George Mason University
Posted: 1/14/2020 3:47:00 PM | Category: Security | Permalink | Email this post

Bhanu JagasiaI recently attended a security conference with multiple speakers covering a wide variety of topics – one of the topics, “Zero-Trust Architecture” (ZTA), was being addressed by one of the vendors, and I decided to sit-in to listen. A few minutes into the session, two facts became blaringly apparent – the speaker, who shall remain nameless, 1) did not actually understand what Zero-Trust Architecture is and what it means to implement Zero-Trust, and 2) this was a sales pitch disguised as an educational seminar.

Unfortunately, presentations on this and other topics often are heavy on buzzwords that don’t actually contribute value or advance understanding. As the aforementioned session came to a close, the session transitioned into the Q&A portion – which subsequently happened to be the same time I lost more hope for our fellow cybersecurity aficionados after hearing some of the questions asked. Below are just a few of them:

Storing for the Future: How Data Centers Will Advance in 2020

Marty Puranik, CEO, Atlantic.Net
Posted: 1/10/2020 11:31:00 AM | Category: Cloud Computing | Permalink | Email this post

Marty PuranikThe idea that data is an incredibly valuable resource in the modern business landscape isn’t new—but best practices for managing that data seem to change almost by the year. More than ever, enterprises leverage data centers to do their work, and savvy executives will be looking ahead in 2020 and beyond to learn how data can be managed more effectively.

Let’s consider three key questions here.

How will the advancement of AI improve the efficiency of data center technology?
Increasingly, artificial intelligence is being “baked in” to products from the get-go. A popular example of this concept would be IoT appliances—think a refrigerator that’s able to identify the items on its shelves, automatically facilitate restock orders and report on its own functioning and maintenance needs. Data center hardware can similarly benefit from AI:

In the New Year, Don’t Fall Back Into the Same Bad Cybersecurity Habits

Amy Diestler, CISA, Governance, Risk, and Compliance Analyst
Posted: 1/7/2020 2:59:00 PM | Category: Security | Permalink | Email this post

Amy DiestlerAround this time each year, many people aim to follow through on their New Year’s resolutions with the hope of finally being able to break that bad habit, which can prove trickier than we would like. Unfortunately, the same often holds true in our approach to cybersecurity. Despite repetitive cybersecurity reminders, time and time again, we fall back into old habits. However, the new year seems like the perfect time to try to convince you that those bad cybersecurity habits might not be so hard to break after all. Below are several patterns to break that can make a big difference.

About This Blog


This blog is intended to offer a way for ISACA leaders, constituents and staff to exchange information of interest pertinent to the association, the business environment and/or the profession.

The comments on this site are the author’s own and do not necessarily represent ISACA’s opinions or plans. ISACA does not endorse, monitor or control any links to external sites offered in this blog, and makes no warranty or statement regarding the content on those external sites.

Anyone posting comments on this site should ensure that the content remains on-topic and steers well clear of any statements that could be considered insensitive, offensive or threatening. Given ISACA’s global nature, the need to communicate in a way that is accessible and acceptable to many cultures should be taken into account. ISACA retains the right, at its sole discretion, to refuse content that is considered inappropriate.

To volunteer to write a blog or suggest a topic send an email here.