
Agency Security Audits: A Better Way?

Getting Parties to Agree on Controls to Be Scrutinized

Karen Evans

Karen Evans, formerly the federal government's top IT executive, prescribes a way to get inspectors general and federal agencies on the same page regarding annual IT security audits.

Evans co-authored a just-released paper for the not-for-profit, which includes a recommendation that the White House Office of Management and Budget and Department of Homeland Security devise metrics that inspectors general can employ to assess the effectiveness of agencies' cybersecurity efforts.

A common complaint voiced by federal CIOs and chief information security officers is that agencies' inspectors general often ignore steps agencies take to secure their IT, and fault agencies for not adhering to specific security controls when conducting annual audits required under the Federal Information Security Management Act. That law governs federal government IT security.

