2025 Governance, Risk, and Control Conference from ISACA and The IIA Examines Key Cyber, AI, Emerging Tech Topics

NEW YORK--(BUSINESS WIRE)--ISACA and The Institute of Internal Auditors (The IIA) will jointly present t he 12th annual Governance, Risk, and Control (GRC) Conference on 18-20 August 2025, in New York City, NY, and virtually, focusing on leading topics for GRC and internal audit professionals and featuring global leaders in governance, risk and control.
2025 Governance, Risk, and Control Conference from ISACA and The IIA examines key cyber, AI, emerging tech topics.
Sessions will explore how GRC principles relate to cybersecurity, data, emerging technologies, and personal career development. Other topics include AI, cloud risk management, auditing blockchain, EU cybersecurity regulations, data mining, resilience and risk culture, and third-party risk management.
The GRC Conference 2025 will feature two keynote presentations. Rachel Tobac, CEO of SocialProof Security, will dive into the human element of security. Shelly Palmer, CEO of The Palmer Group, will explore quantum computing and guidance for a quantum future.
Two pre-conference workshops are being held in-person on Sunday, 17 August, including 'Performing an AI Audit using the ISACA AI Audit Toolkit,' with instructor Zachy Olorunojowon, Executive Director, Digital Health Strategic Initiative at BC Ministry of Health, and 'Navigating Crisis Scenarios as a GRC Professional - An Interactive Experience' with instructors Shawna Flanders, Director of Data Governance, Enterprise Risk, Compliance, and Business Resilience at The IIA, and Chris Stoneley, CISO at Cathay Bank.
Attendees can earn up to 16 hours of continuing professional education (CPE) credits for attending the conference, and an additional 8 CPE credits for attending a pre-conference workshop. Registration for in-person attendance will close on Friday, 15 August. For more information about GRC Conference 2025, visit the event pages at ISACA or The IIA.
About ISACA
ISACA ® (www.isaca.org) champions the global workforce advancing trust in technology. For more than 55 years, ISACA has empowered its community of 185,000+ members with the knowledge, credentials, training and network they need to thrive in fields like information security, governance, assurance, risk management, data privacy and emerging tech. With a presence in more than 190 countries and with nearly 230 chapters worldwide, ISACA offers resources tailored to every stage of members' careers—helping them to thrive in a rapidly changing digital landscape, drive trusted innovation and ensure a more secure digital world. Through the ISACA Foundation, ISACA also expands IT and education career pathways, fostering opportunities to grow the next generation of technology professionals.
About The Institute of Internal Auditors
The Institute of Internal Auditors (The IIA) is an international professional association that serves more than 260,000 global members and has awarded more than 200,000 Certified Internal Auditor (CIA) certifications worldwide. Established in 1941, The IIA is recognized throughout the world as the internal audit profession's leader in standards, certifications, education, research, and technical guidance. For more information, visit theiia.org.

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

Yahoo

14 hours ago

• Yahoo

Teradyne (NasdaqGS:TER) Revamps By-Laws to Modernize Shareholder Procedures and Director Elections

On June 20, 2025, Teradyne implemented significant amendments to its By-Laws, adjusting nomination and proposal notice windows and clarifying voting standards. Over the past month, Teradyne's stock price moved 9% amid these changes, potentially reflecting investor confidence in enhanced governance practices. Although the broader market has remained flat, the recent gains by the company could suggest that these internal updates resonated positively with market participants, aligning with an overall upward market trend over the past year. This internal shift may have added weight to Teradyne's modest divergence from the market's flat performance. Buy, Hold or Sell Teradyne? View our complete analysis and fair value estimate and you decide. These 17 companies survived and thrived after COVID and have the right ingredients to survive Trump's tariffs. Discover why before your portfolio feels the trade war pinch. The recent amendments to Teradyne's by-laws could potentially reinforce investor confidence, aligning with broader market interests in strong governance. Over a longer five-year span, Teradyne's total shareholder return of 7.61% provides context for its performance, despite the stock's short-term fluctuations. This return contrasts with the company's one-year underperformance, as it lagged behind both the overall US market and the semiconductor industry, indicating room for improvement. The governance changes could influence Teradyne's revenue and earnings positively, particularly in the context of its strategic focus on AI, robotics, and automation. These areas are anticipated to boost revenue, though current geopolitical and tariff concerns could pose risks. Analysts forecast an annual revenue growth of 12.3% and a rise in profit margins to 24.7%, indicating a potential upside, even if challenges persist. The recent share price movement following the changes, while reflective of immediate investor sentiment, shows a notable gap against the consensus price target of US$99.83, which represents a 25.8% potential increase from the current US$74.07. This suggests that investors might be weighing the company's long-term strategic initiatives against current uncertainties. Our valuation report unveils the possibility Teradyne's shares may be trading at a discount. This article by Simply Wall St is general in nature. We provide commentary based on historical data and analyst forecasts only using an unbiased methodology and our articles are not intended to be financial advice. It does not constitute a recommendation to buy or sell any stock, and does not take account of your objectives, or your financial situation. We aim to bring you long-term focused analysis driven by fundamental data. Note that our analysis may not factor in the latest price-sensitive company announcements or qualitative material. Simply Wall St has no position in any stocks mentioned. Companies discussed in this article include NasdaqGS:TER. This article was originally published by Simply Wall St. Have feedback on this article? Concerned about the content? with us directly. Alternatively, email editorial-team@ Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data

Yahoo

2 days ago

• Yahoo

London Biotechnology Show 2025: Novo Nordisk harnesses AI/ML to accelerate drug development landscape

Many biotechnology companies are navigating the various obstacles prevalent within the pharmaceutical industry with the implementation of artificial intelligence (AI) and machine learning (ML) technologies to optimise and streamline processes within the drug development landscape, according to speakers from the London biotechnology conference in London, UK, on 18-19 June 2025. In recent years, the pharmaceutical industry has exhibited a significant shift into digitalisation, with AI pushing for innovation across the entire drug development value chain, from accelerating drug discovery to optimising clinical trial design to ultimately improve patient outcomes. Novo Nordisk has taken initiatives to accelerate target discovery by implementing AI/ML technologies into genetic and human-centric in vitro models. Given the significant costs associated with drug discovery and development, achieving a successful drug candidate remains a major challenge. This complex process involves different processes such as target identification and validation, lead optimisation, and lengthy clinical trials. According to one of Novo Nordisk's speakers at the London Biotechnology conference, the company aims to utilise human data input, such as genetics, samples, and multiomics from a variety of diverse patient populations, into its target discovery engine. The AI-driven engine utilises data mining and analyses linking specific diseases to novel targets to ultimately increase the number of new targets aimed to reach the first human dose. In addition, Novo Nordisk has implemented cell image foundational models driven by deep learning to increase screening throughput derived from extensive sets of genomic data. The usage of AI and deep learning tools within the virtual assay enables large image datasets of cells to be translated into text, allowing effective mapping of the various cells by their morphology, enabling researchers to gain an understanding and effectively predict the characteristics of the cells. The implementation of AI-driven technologies has the potential to streamline many aspects of the drug development value chain, from enabling standardisation of datasets across functionalities to accelerating in vitro and in silico models and tools. As a result, pharmaceutical organisations can scale their methodologies whilst simultaneously increasing output to ultimately improve patient outcomes. "London Biotechnology Show 2025: Novo Nordisk harnesses AI/ML to accelerate drug development landscape" was originally created and published by Pharmaceutical Technology, a GlobalData owned brand. The information on this site has been included in good faith for general informational purposes only. It is not intended to amount to advice on which you should rely, and we give no representation, warranty or guarantee, whether express or implied as to its accuracy or completeness. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content on our site. Sign in to access your portfolio

Forbes

2 days ago

• Forbes

Debunking Three Cliches Entrenched In The Cybersecurity Industry

JC Gaillard, Founder & CEO, Corix Partners | Board Advisor | Non-Exec Director | Author "The Cybersecurity Spiral of Failure" getty I have been writing about cybersecurity leadership, management and governance issues since 2015. What drove me to writing was primarily the low level of cybersecurity maturity I was coming across in many large firms as part of my day-to-day field work as a consultant. For me, it was difficult to understand why corporations that would have had cybersecurity practices—and budgets—for decades were still struggling with fundamental pillars of good practice, such as identity management or patch deployment. Analyzing and highlighting the dynamics of what I ended up calling the 'cybersecurity spiral of failure' has been at the heart of my work throughout the last 10 years. Another aspect that has been fascinating for me over the past decade is the number of topics that keep coming up cyclically in cybersecurity articles, and how a similar analysis keeps appearing in what has effectively become a typical echo chamber (and it started before generative AI started writing those pieces). In this article, I would like to deconstruct three of these ideas, which in my view embody the problems still facing the cybersecurity narrative and highlight why it is key to avoid shallow and outdated positions on those matters. This is typical of a mindset that goes back to the first decade of this century, in what was still the early days of cybersecurity practices (the first CISO jobs appeared in the late '90s). Many senior executives used to see cyberattacks as low-probability/low-impact events that would be dealt with if and when they occurred, and they often saw compliance requirements as an arbitrary regulatory imposition. CISOs and their consultants built the 'cybersecurity as an enabler' narrative to try to break those deadlocks, in an attempt to reach into some form of business logic. But by doing so, I noticed they were ignoring endemic short-termism and deep-rooted cognitive biases at the heart of the business attitude on the matter, and there is no evidence that the 'enablement' narrative ever worked, beyond generating headlines across the industry. As my organization showed in 2019 when analyzing the cybersecurity evolution across the first two decades of the century, it is the advent of the cloud and the acceleration of cyberattacks it triggered after 2010 that led to a change in perception, with the dominant center of interests for executives shifting from risk and compliance to incidents and breaches. The second decade of the century became truly a 'realization decade,' during which cybersecurity gradually started to be seen as a necessary barrier in the face of real threats: not something that needs to be justified to 'enable' the business to function, but something that needs to be in place to 'protect' the business, its customers, its brand and shareholder value. This is also typical of the same outdated mindset and is often heard, even nowadays, in relation to the CISO reporting line. This is one of the first topics I wrote about in 2015, and at the time, it was already one of the oldest fixations in the cybersecurity industry. It is conceivable that 20 years ago, some CIOs might have followed their business bosses in their low-probability/low-impact assessment of cyber threats and denied CISOs the resources they were asking for. Every CIO has the right to choose the battles they want to fight, and this one was often seen as too difficult. Given the avalanche of cyberattacks we have been seeing over the past 15 years, I don't think this type of attitude is common today, or even sustainable. As a matter of fact, business leaders—most of them—are well aware of the inevitability of cyberattacks, and 'Are we spending enough on cyber?' has become a more common question for CIOs than 'Why do we need to spend on that?' Organizations where this mindset persists often have a deep-rooted problem and may be in denial about the state of their cyber exposure. Wherever you place the reporting line of the CISO in those organizations, the problems will likely remain. This is a more recent line of thought that has emerged throughout the last decade in the face of the sophistication of cyber threats, and this view tends to see security training and awareness development as the central pillar of any cyber strategy. To me, this is short-sighted, even if there is no denying that cybercrime targets people and that social engineering is key in many attack patterns. What is misguided here is to believe that you can change people's attitude at this level by explaining to them what to do or not to do, and broadly speaking, get them to change their attitudes through logic and reasoning. Many unsafe attitudes in the office are rooted in unsafe social practices and cognitive biases, and changing requires a cultural shift, not just training. Fundamentally, you protect what you care about, and it is only a sense of care for the firm, its values and its people that can lead to an embedded desire to protect the firm's data and information assets. That has to start with the leadership team embodying the right example and needs to cascade down from the very top of the organization. So there is indeed a 'human firewall,' but it is a cultural one driven from the top, not one driven bottom-up or sideways by CISOs through tools and leaflets. Forbes Business Council is the foremost growth and networking organization for business owners and leaders. Do I qualify?