Careers Information Security Podcast

Regulatory compliance is the backbone of a financial institution's information security program. But compliance alone isn't enough, says John Pironti of ISACA's Education Board, who advises institutions to take a risk-based, not a "checklist-based" approach to security. In an exclusive interview, Pironti discusses: The risks of 'Security by Compliance'; Top risk management/compliance issues of 2009; What will be the most in-demand skills and job opportunities for information security professionals. In addition to his role with ISACA, Pironti is currently the Chief Information Risk Strategist for CompuCom. He has designed and implemented enterprise wide electronic business solutions, information security programs, and threat and vulnerability management solutions for key customers in a range of industries, including financial services, government, hospitality, aerospace and information technology on a global scale. Pironti has a number of industry certifications including Certified in the Governance of Ente