Special thanks to Yellowbook-CPE.com featured speaker, Joseph Horowitz, and Cybersecurity Today host, Jim Wiggins, for allowing us to share this video. Cybersecurity Today is a dedicated 30-minute TV show tackling the issue of computer security in an exciting and thought-provoking manner!
As the first guest on Season 6 of Jim’s show, Joe delves into the critical topic of integrating cybersecurity into governance, risk management and compliance. He also provides real-world examples making this a show you won’t want to miss!
Governance
Their conversation includes how COSO and other frameworks play significant roles in enhancing cybersecurity resilience. They act as guides to establish policies and procedures. Without policies in place, internal controls are non-existent.
Every organization should have at least an IT policy, incident response plan and disaster recovery/business continuity plan. You just never know what may happen! It’s important from a risk assessment perspective.
Risk Management/Assessment
Risk assessments are entity-wide, including IT and executive management. Identify all possible areas where risk could occur, not only in your cybersecurity plan.
Performing a gap analysis determines where internal controls are missing in all areas of the organization.
Compliance
A lot of people don’t even know what cybersecurity requirements they need to adhere to. It all depends on what type of standards you follow. Everyone on the team should be aware of established policies since the chance of penalties exists. Potential consequences include massive fines and license revocation. Unfortunately, there’s not enough enforcement, but that doesn’t mean they won’t get to you someday. So, always be compliant!
Some best practices include an integrated and comprehensive cybersecurity strategy. But first, you need to educate your team on what cybersecurity actually is before moving forward.
Want to learn more?
Join Joe on November 20 for his 2-hour live webinar, It’s 2024…Here’s Your Cybersecurity Wake Up Call! This course is designed specifically for government auditors to provide a solid understanding of security regulations, frameworks and internal controls in accordance with GAO standards. Sign up today!
About Joe Horowitz
In July 2020, Joseph Horowitz, CISA CDPSE CIA CRMA A/CCISO, joined Stetson Cybergroup as the Director of Compliance and Audit. He spent most of his 25+ year career as a collaborative, results-driven audit, risk and compliance business partner. Joe drives organizations to achieve measurable and attainable goals, as well as meeting most cybersecurity regulations. The focus of his career now is risk identification and management related to cybersecurity, information security and data protection. Joe uses his extensive knowledge to present at various conferences and webinars to help others understand the latest updates. Joe has comprehensive experience in all aspects of auditing, specializing in technology and non-technology risks and controls for a wide range of industries throughout his career. For example, Joe has worked in government, healthcare, technology, cable & communications, consumer electronics and management consulting.
About Jim Wiggins
Jim Wiggins has over 26 years of experience in the design, operation, management and auditing of IT systems. His focus for the past 21 years has been on information systems security. In 2020, Jim launched Cybersecurity Today, which can be viewed in the Washington, DC area. Episodes can also be streamed online.