Welcome to another edition of Just Unsecure series on information and cyber security matters as it relates to Africa. In this series we will talk about August security news and HOT TOPIC -How to prepare for Security Audit in your organisation
Top Cybersecurity News in August are
1. An Inside Look at Soliciting Employees to Deploy DemonWare
https://abnormalsecurity.com/blog/nigerian-ransomware-soliciting-employees-demonware/
2. Google and Microsoft said they are pledging to invest a total of $30 billion in cybersecurity advancements over the next 5 years.
https://thehackernews.com/2021/08/microsoft-google-to-invest-30-billion.html
3. Telecom giant T-Mobile recently suffered yet another data breach.
https://thehackernews.com/2020/03/hackers-compromise-t-mobile-employees.html
There are mainly 11 Key steps when preparing for a security audit
Step 1: Scope and Gap Analysis - Audit Standard Selection (ISO, PCIDSS, GDPR, IT Audit or Statutory Audit) and interfaces
Step 2:Create an IT Asset Inventory
Step 3: Risk Assessment
Framework for Risk Assessment - NIST 800:53 or Specific policy requirement. Template and Procedure
Step 4: Close Gaps
Step 5: Review findings from Previous Audits
Step 6: Review and Create IT Policies and Procedures - (Operating Standard) as well as
create a List of Controls and Safeguards
Step 7: Perform a Self-assessment
Step 8: Schedule Tests or Deliverables
Step 9: Ask Your Auditor for a Document/Procedure Checklist
Step 10: Be Prepared for Anything
NOTE: ENSURE TO TALK ABOUT THE RESULTS AND AGREE ON THE REPORT BEFORE BEING PRESENTED IN THE CLOSING MEETING TO MANAGEMENT
SUBSCRIBE, LISTEN and SHARE
#Securityaudit #audit #CyberSecurity,#informationsecurity #cloudsecurity ##cybersecurity #infosecurity #africacybersecurity #NIST # Riskmanagment #policies #procedures #certification #securityassessment #ISO27001 #ISMS
Podchaser is the ultimate destination for podcast data, search, and discovery. Learn More