Looking ahead to a new year offers a valuable opportunity for digital trust professionals to not only reassess the practices within their own function or organization, but also to examine how they can continue to grow in their roles. From this vantage point, ISACA experts recently highlighted their 2023 insights and recommendations for the privacy, cybersecurity, audit and risk fields in a series of blog posts for the ISACA Now blog.
#DigitalTrust pros highlight key priorities for 2023 in privacy, cybersecurity, audit and risk.
In this complex data privacy landscape, Dr. Lisa McKee, Ph.D, Director of Governance, Risk, Compliance and Privacy, Hudl, and member of the ISACA Emerging Trends Working Group, recommends that professionals adopt zero trust privacy with data governance, as well as a ComPriSec approach—or the convergence of compliance, privacy and security—in the new year. In her recent blog post, she highlights the important role of the privacy engineer, but also emphasizes that in addition to having strong privacy professionals, consumers everywhere need to do their part and be mindful of the online presence they create.
Also Read: Viasat Awarded Five-Year $325 Million IDIQ Contract by U.S. Special Operations Command
“Privacy risk appetite is seldom discussed among boards and leaders. Privacy leaders should make sure their programs include a focus on privacy risk management programs, privacy risk appetite, privacy risk tolerance, privacy key performance indicators, privacy key risk indicators, privacy metrics and reporting. 2023 will heighten these needs as the compliance landscape continues to evolve,” says McKee.
Cybersecurity
In her blog post, Samantha Hart, a global chief information security officer, emphasizes that a big part of looking ahead to the new year for cybersecurity professionals should involve preparations on both a professional and personal level that can help ensure they are set for success. This includes:
- Having a personal incident response plan that factors in your home life
- Going into the office to make connections with colleagues face-to-face
- Knowing your business
- Being flexible
- Embracing tech and tools but keeping people at the forefront
“Yes, we do need to fully understand our attack surface and ensure we have all of the controls in place to detect and respond—however, all the tools in the world won’t take the place of skilled and valued team members who will monitor and respond to the alerts with a human eye that knows what is benign and what is an attack,” says Hart.
SOURCE: Businesswire