Welcome to another edition of Just Unsecure series on information and cyber security matters as it relates to Africa. In this series we will talk about  August security news  and HOT TOPIC -How to prepare for Security Audit in your organisation
 Top Cybersecurity News in August are 
 1. An Inside Look at Soliciting Employees to Deploy DemonWare
 https://abnormalsecurity.com/blog/nigerian-ransomware-soliciting-employees-demonware/

2. Google and Microsoft said they are pledging to invest a total of $30 billion in cybersecurity advancements over the next 5 years.
 https://thehackernews.com/2021/08/microsoft-google-to-invest-30-billion.html

3. Telecom giant T-Mobile recently suffered yet another data breach.
 https://thehackernews.com/2020/03/hackers-compromise-t-mobile-employees.html

There are mainly 11 Key steps when preparing for a security audit 
 Step 1: Scope and Gap Analysis - Audit Standard Selection (ISO, PCIDSS, GDPR, IT Audit or Statutory Audit) and interfaces
 Step 2:Create an IT Asset Inventory
 Step 3: Risk Assessment
 Framework for Risk Assessment - NIST 800:53 or Specific policy requirement. Template and Procedure 
 Step 4: Close Gaps 
 Step 5: Review findings from Previous Audits
 Step 6: Review and Create IT Policies and Procedures - (Operating Standard) as well as
 create a List of Controls and Safeguards
 Step 7: Perform a Self-assessment
 Step 8: Schedule Tests or Deliverables
 Step 9: Ask Your Auditor for a Document/Procedure Checklist
 Step 10: Be Prepared for Anything

NOTE: ENSURE TO TALK ABOUT THE RESULTS  AND AGREE ON THE REPORT BEFORE BEING PRESENTED IN THE CLOSING MEETING TO MANAGEMENT

SUBSCRIBE, LISTEN and SHARE

#Securityaudit #audit #CyberSecurity,#informationsecurity #cloudsecurity ##cybersecurity #infosecurity #africacybersecurity #NIST # Riskmanagment #policies #procedures #certification #securityassessment #ISO27001 #ISMS