January is a natural time to reflect on how to best set yourself up for success in the new year. A series of ISACA Now blog posts offers guidance for professionals in audit, risk, privacy and security on how to start the year strong, along with perspective on how to constructively harness emerging technology in 2025.
Risk expert Ramona Ratiu highlighted staying ahead of technological trends among her five ways that risk professionals can start 2025 well, noting that various emerging technologies open up more avenues for data breaches and other cyberattacks.
“To address these challenges, risk professionals must continuously monitor developments in AI and other advanced technologies to understand their implications,” Ratiu wrote. “Implementing robust cybersecurity measures is essential to protect against technology-based threats. Furthermore, investing in training and development will equip teams with the skills and knowledge needed to manage and mitigate technology-related risks.”
From a privacy standpoint, blog author Onur Korucu wrote that static regulatory frameworks are insufficient in the current technology landscape. Korucu believes that an adaptive regulatory environment means greater flexibility and cross-border collaboration will be important.
“The world’s innovation thrives on one common goal: delivering faster, more creative and effective solutions through better technologies,” Korucu wrote. “Yet, privacy and regulatory priorities vary across geographies, shaped by diverse mindsets, cultural contexts and legal traditions. This disparity calls for a multidisciplinary, collective approach; one that sees cultural differences not as barriers but as accelerators of innovation in privacy and data management.”
The blog series also features guidance for security professionals from ISACA Board Vice Chair Niel Harper, who highlighted the important connection between the security team and enterprise leadership to align security outcomes with the organization’s strategic goals.
“This can be achieved by providing tangible data, such as updates on KPIs, benchmarking and other pertinent metrics,” Harper wrote. “Whether you are directly responsible for reporting to leadership or not, find out what information your organization’s leaders value and be part of the solution in gathering and packaging those data points to foster constructive decision-making.”
Beginning a new year presents somewhat of a reset for digital trust professionals, providing a great opportunity to reconnect with colleagues and embrace the clean slate of the flipped calendar, according to audit expert Patrick Trierweiler.
“During the busy season and the holidays, audit professionals don’t have the bandwidth to speak to all our friends and connections,” wrote Patrick Trierweiler. “The typically slower rhythm in Quarter 1 is a wonderful time to catch up with old friends and colleagues, see how everyone is doing and discuss changes/industry trends.”
Whether working in audit, risk, security or privacy, virtually all digital trust professionals increasingly have artificial intelligence and other emerging technology on their radars. Megan Hall, who co-presented an AI workshop at the 2024 ISACA Europe Conference in Dublin, Ireland, shared advice for how professionals can make better use of emerging tech in the new year. She emphasized the importance of involving risk specialists in evaluating emerging technologies for potential use cases within the enterprise, and also being mindful of security and privacy impacts.
“The three lines model is a key component of adding value to our organizations,” Hall said. “Particularly when it comes to emerging technologies, some groups within an organization may be able to provide more specialized input or analysis than others. For example, many emerging technologies, such as AI-based technologies, are going to have a heavy data-driven element, which has privacy and security implications.”
To read the entire blog series, visit t3jf.hongjiuchina.com/blog.