Making Cyber Education Inclusive and Accessible

Welcome to the latest edition of RiskInsider Rundown! This week, I delve into the dynamic history of risk in GRC, the journey of becoming a LinkedIn Learning Instructor, and a closer look at how ISACA's Digital Trust Ecosystem (DTEF) is paving the way for trustworthy AI. ?

Let's dive in and explore these exciting developments together!?

Risk Rundown?

Depending on who you ask, the “evolution of GRC” can spark lively debates. One thing is clear, though: GRC has transformed from an isolated compliance function to an integrated business necessity. But what's driving this shift? Is it the increasing regulatory landscape, the desire for automation and efficiency, or something more profound??

While regulatory requirements have become more stringent and widespread. And the adoption of automation does reduce the burden of manual processes, the biggest driver in the GRC evolution has, and always will be, risk!?

Organizations are recognizing the importance of viewing risk holistically rather than in isolated silos. Modern risk frameworks emphasize the interconnected nature of assets, vulnerabilities, threats, risks, and controls. This unified approach aligns risk management with overall business operations by assessing the value to the organization- also known as an asset.

Recently, organizations have expanded their GRC scope to include Environmental, Social, and Governance (ESG) issues. This broader understanding of risk encompasses sustainability, corporate ethics, and social responsibility, extending beyond traditional cyber and operational considerations. It’s crucial to monitor emerging threats and regularly update their likelihood and impact on organizational assets.?

And last, but certainly not least, the rapid advancement of technology introduces new and complex digital ecosystems, increasing the potential for risks to materialize. As organizations adopt new technology, the potential for cybersecurity incidents, data breaches, and digital fraud grows, necessitating a more integrated and proactive approach to vulnerability management.?

Always remember:?

• Risk?represents the potential loss or harm to an asset if a threat exploits a vulnerability. ?

• Well-designed and effectively operating controls enable organizations to reduce risk to an acceptable level and remain compliant with regulatory requirements. ?

At the end of the day, the purpose of compliance isn’t merely to be compliant—it’s to reduce risk.?

Collaborators Corner?

In case you missed it, I recently started a new position as a LinkedIn Learning Instructor! This journey has been unlike anything I've done before, and over the next several months, I’ll be dedicating this section of my newsletter to chronicle the experience.?

First, some history. Early this year, I was approached by ISACA to author a course on AI Governance. As I worked through the process with them, each new phase set off butterflies. It was one of the most fulfilling experiences of my life. When we had our final meeting, I felt a pit in my stomach—I didn’t want it to end!?

Staying true to my goal of making cyber education (specifically AI education) more inclusive and accessible, I applied to LinkedIn Learning in February. The screening process was unlike anything I’ve done before. I submitted an audition tape, samples from my portfolio, and met with a Content Manager to demonstrate my subject matter expertise. After passing that phase, I created an outline and learning objectives for my first course. This can be time-consuming, especially for first-time instructors, but my Content Manager provided a wealth of resources to help craft the video titles, align the goals, and spec out the course.?

Giving up many weekends was all worth it when I received the approval email in late April. I was officially a LinkedIn Learning Instructor and contracted for my first course! I was assigned a Producer who, once again, provided a ton of resources. ?

And that’s where I am today.?She and I meet regularly to review my scripts and plan the video components. And we’re scheduled to record them at the LinkedIn Learning studio in September! ?

It’s been an amazing journey so far, enhancing my instructional design skills and getting to know the LinkedIn Learning team. Stay tuned as I keep you updated on the next steps!?

Regulatory Rundown?

As some of you may know, I’m currently pursuing a Doctor of Business Administration, focusing on the impact of Artificial Intelligence on Neurodiversity in the Workplace. My research often relies on the Organization for Economic Cooperation and Development (OECD). So, imagine my excitement when I stumbled upon an article about ISACA 's Digital Trust Ecosystem (DTEF).??

ISACA’s Digital Trust Ecosystem (DTEF) enables organizations to build and deploy trustworthy AI because it:?

• Trust: Emphasizes establishing trust in AI systems through transparency, ethical considerations, and user confidence.?

• Accountability: Ensures clear responsibilities and accountability mechanisms for AI governance.?

• Compliance: Aligns AI practices with regulatory requirements and standards.?

• Security and Privacy: Incorporates robust measures to protect data and ensure privacy.?

• Continuous Monitoring: Advocates for ongoing assessment and improvement of AI systems to maintain trustworthiness.?

?

That's all for this edition of RiskInsider Rundown! From the evolution of GRC to the exhilarating journey of becoming a LinkedIn Learning Instructor, and the promising developments in AI governance, I hope you found this newsletter both insightful and enjoyable.

Stay tuned for more updates, and as always, thank you for being a part of our community!?

?

?