|by Ammara Waseem, CISA
||The author s a Vice President in Goldman Sachs International and works in the Internal Audit Division at the London office.
To celebrate ISACA's 50th Anniversarey, a conference was held on the 23rd May 2019, focusing on the theme “Honouring our Past. Innovating our future”. As this was a SheLeadsTech event, the conference speakers were all women, who presented on a number of topics including Artificial Intelligence (AI), Cyber Security, GDPR, etc.
The Conference was opened by ILC President Ken Spence who introduced the agenda for the day, followed by a special message from ISACA International CEO David Samuelson.
The main themes of the Conference were emerging technologies such as, cognitive automation and artificial intelligence, and how they can be used to enhance existing processes and/or create new ways of doing things more efficiently. The key takeaway from the conference was that people need to be educated about the benefits of these automation and embracing the change as it is inevitable. Here are the highlights:
- The keynote speech was delivered by Baroness Neville-Jones who has a strong interest in Cyber Security and is a former Security Minister. The Barones Neville-Jones spoke about about how firms need to start thinking about how to explain AI working for audit purposes and need to clearly define the accountability framework - who is to blame if an AI failure results in fatalities or damages?
- Priyanka Bhattacharya from Verizon spoke about a report issued by her Company in 2019 focusing on the data breaches and the trend assessment. The number of incidents which are financially motivated, or insider attacks have increased drastically over time given the sophistication of the hackers and hacking tools. Ransomware attacks are still strong.
- Marta Dunphy-Moriel of Fieldfisher covered issues related to GDPR. She emphasised that firm’s need to focus more on training and bringing awareness of their employees regarding GDPR requirements. Vendor arrangements/contracts should be thoroughly vetted for over commitments. The regulators have only significantly fined google to-date (i.e. EURO 55 million) due to the glaring GDPR breach.
- Wendy Goucher, a Security and Risk Consultant explained that firms need to create information security culture and not just focus on implementing info security controls. Info security controls are as good / robust as its designer and operators.
- Rosemary Amato of ING Bank touched upon the data classification. She explained how ING Bank has a centralised data management team who has created a centralised data repository (i.e. a Data Lake) to act as a golden data source. The team has come up with a proprietary data classification methodology to classify all data received from upstream sources in a consistent and standardised for the purpose of management or regulatory reporting purposes. So far, the program has been successful.
- Changing workplace: A list of experienced female panellists discussed about the career development initiatives in their respective workplaces and how it fits in with the “SheLeadsTech” program, which aims to engage, empower and elevate women in Senior roles in Technology.
- Several former ISACA London Chapter Board members and Presidents joined in the celebrations and were recognised by the current Chapter Board.