ISACA Now Blog

Knowledge & Insights > ISACA Now

The Film Industry and IT Security

Barbara N. Wabwire, CISA, MBA, BIT, Business IT Consultant
Posted: 8/16/2019 2:59:00 PM | Category: Security | Permalink | Email this post

Barbara WabwireFor those in the ISACA community who are fans of popular culture, you might have noticed in recent years that, in many cases, film and TV stars are beginning to look more like you and I, and less like the muscle men of our youths.

Movie and TV producers have long been interested in technology – from the times of single action heroes like the one-man army of John Rambo in “First Blood” and Arnold Schwarzenegger as a cyborg assassin in “Terminator,” the film industry has been at it. But as the work performed by IT security practitioners has become more central not only to all enterprises but to society as a whole, it has been interesting to see how that realization is filtering into the big (and small) screens.

Ethical Considerations of Artificial Intelligence

Lisa Villanueva, Technical Research Manager, ISACA
Posted: 8/15/2019 9:58:00 AM | Category: Risk Management | Permalink | Email this post

Lisa VillanuevaHave you ever stopped to consider the ethical ramifications of the technology we rely on daily in our businesses and personal lives? The ethics of emerging technology, such as artificial intelligence (AI), was one of many compelling audit and technology topics addressed this week at the 2019 GRC conference.

In tackling this topic in a session titled “Angels or Demons, The Ethical Considerations of Artificial Intelligence,” session presenter Stephen Watson, director of tech risk assurance at AuditOne UK, first used examples to define the different forms of AI. For example, it was initially thought a computer could not beat a human at a game of chess or Go in the early stages of AI. Many were fascinated to find that indeed the computer could be programmed to achieve this goal. This is an example of Narrow or Weak AI where the computer can outperform humans at a specific task.

The Key Point Everyone is Missing About FaceApp

Rebecca Herold, CEO of The Privacy Professor consultancy
Posted: 8/14/2019 2:59:00 PM | Category: Privacy | Permalink | Email this post

Rebecca HeroldMuch has been written in recent weeks about the widely publicized privacy concerns with FaceApp, the app that uses artificial intelligence (AI) and augmented reality algorithms to take the images FaceApp users upload and allow the users to change them in a wide variety of ways. Just a few of the very real risks and concerns, which exist in most other apps beyond FaceApp, include:

  1. The nation-state connection (in this case, Russia)
  2. Unabashed, unlimited third-party sharing of your personal data
  3. Terms of use give unrestricted license for FaceApp to use your photos
  4. Your data will exist forever … in possibly many different places
  5. Data from the apps are being used for surveillance
  6. Data from the apps are used for profiling
  7. Apps are being used in ways that bully and/or inflict mental anguish
  8. Using the images for authentication to your accounts
  9. Your image can easily be used in deep fake videos
10. Look-alike apps are spreading malware

Auditing a Migration Plan When Transferring from On Site to the Cloud

Katsumi Sakagawa, CISA, CRISC, IT consultant
Posted: 8/13/2019 2:59:00 PM | Category: Audit-Assurance | Permalink | Email this post

Katsumi SakagawaHave you ever audited a computer system’s migration plan when transferring it from on site to the cloud? Here are some recommendations to keep in mind based on lessons learned from migration practices:

Clarify the work burden mitigation effort. Once cloud migration is complete, it is important to clarify what burden has been mitigated by the migration from on site to the cloud; for example, automatic scalability. If the company’s computer infrastructure system meets the requirements for automatic scaling service, it can enjoy not only the service, but also cost savings. A computer system, like many single physical servers and few virtual system environments, has to address mitigating the operational burden and full treatment.

The Digital Age: A New World of Purpose-Driven Opportunity

Posted: 8/12/2019 2:58:00 PM | Category: ISACA | Permalink | Email this post

Jon DuschinskyEditor’s note: Jon Duschinsky, an entrepreneur, social innovator and firm believer in leading a purpose-driven existence, will be the closing keynote speaker at ISACA’s EuroCACS/CSX 2019 conference, to take place 16-18 October in Geneva, Switzerland. Duschinsky recently visited with ISACA Now and shared his thoughts on why being purpose-driven is more realistic than ever in today’s digital age. For more of Duschinsky’s insights, listen to his recent appearance on the ISACA Podcast.

About This Blog


This blog is intended to offer a way for ISACA leaders, constituents and staff to exchange information of interest pertinent to the association, the business environment and/or the profession.

The comments on this site are the author’s own and do not necessarily represent ISACA’s opinions or plans. ISACA does not endorse, monitor or control any links to external sites offered in this blog, and makes no warranty or statement regarding the content on those external sites.

Anyone posting comments on this site should ensure that the content remains on-topic and steers well clear of any statements that could be considered insensitive, offensive or threatening. Given ISACA’s global nature, the need to communicate in a way that is accessible and acceptable to many cultures should be taken into account. ISACA retains the right, at its sole discretion, to refuse content that is considered inappropriate.

To volunteer to write a blog or suggest a topic send an email here.