In an era where cyber threats evolve faster than traditional defenses can adapt, the need for a paradigm shift in cybersecurity auditing has never been more urgent. Transforming Cybersecurity Audit Practices with Agility and Artificial Intelligence (AI) presents a groundbreaking approach to modernizing audit methodologies by integrating agile principles and artificial intelligence (AI). This book explores how conventional audit frameworks often rigid, reactive, and siloed can be reimagined into dynamic, proactive, and intelligent systems that align with the pace of digital transformation.
Drawing from real-world case studies, industry standards, and emerging technologies, this book provides a comprehensive roadmap for cybersecurity audit, cybersecurity, and information technology professionals seeking to enhance audit and risk management effectiveness and resilience. It delves into the application of agile methodologies to audit planning, execution, and reporting, enabling continuous assurance and iterative risk assessment. Simultaneously, the book examines the transformative role of AI in automating control testing, anomaly detection, and predictive analytics, thereby reducing human error and increasing audit precision.
Key themes include the cultural and organizational shifts required to embrace agility, the ethical and governance considerations of AI in auditing, and the development of hybrid audit models that balance automation with human oversight. This book also offers practical tools, frameworks, and metrics to guide implementation and measure success.
Whether youre modernizing an internal cybersecurity audit function or building a next-generation cybersecurity assurance program, this book equips you with the insights and strategies to lead with confidence in a rapidly changing threat landscape. It is both a call to action and a practical guide for transforming cybersecurity audits into agile, intelligent, and future-ready practices.
Keywords: Cybersecurity Audit, Cybersecurity Risk Management, Cyber Threat Intelligence, Data Privacy, Artificial Intelligence, Adversarial AI, AI Ethics, AI Governance, Responsible AI, Machine Learning, Large Language Models, Natural Language Processing, Robotic Process Automation, Recommender, Predictive Analytics, AI and Human Element, Agile, Agility, Partnerships, Culture, Continuous Learning.
Forewords. Preface. Acknowledgements. Abbreviations. An Introduction:
Charting a New Course for Cybersecurity Audit Professionals. Opening
Insights. Why This Book, Why Now. Addressing Measurable Cybersecurity Audit
Deficiencies. Future-Ready Auditing: Embracing Agility and AI. Foundations
for Innovation and Insight.
Chapter 1 Understanding Audit Objectives,
Expectations, Concepts, and Opportunities.
Chapter 2 Building Partnerships
for Success.
Chapter 3 How to Influence Behaviors and Culture.
Chapter 4
Agility in Action: Rethinking Cybersecurity Audit.
Chapter 5 Harnessing
Artificial Intelligence: Enhancing Cybersecurity Audits through Automation
and Insight.
Chapter 6 Unlocking Artificial Intelligence: Knowledge,
Context, and Curated Resources.
Chapter Relationships. Be the Difference:
Inspire Agility, Trust, and Innovation. Summary.
Chapter 1 Understanding
Audit Objectives, Expectations, Concepts, and Opportunities. Learning
Objectives. Opening Insights. Audit Objectives and Expectations. The Value of
Internal Audit (IA) and Office of Inspector General (OIG). Audit Role
Explained. Real World Lessons. Audit Complexity and Challenges
(Opportunities) Explained. Relevance to Cybersecurity Auditing. Future of
Cybersecurity Auditing. Summary.
Chapter 2 Building Partnerships for
Success. Learning Objectives. Opening Insights. Three Lines of Defense. First
Line of Defense (1LoD). Second Line of Defense (2LoD). Third Line of Defense
(3LoD). Building Relationships. Streamlining Risk Assessments. Inform Audit
Reporting and Executive Discussions. Achieving Audit Standards. Artificial
Intelligence Chat Generative Pre-Trained Transformer (ChatGPT) Sneak Peak
(Open AI, 2024). Summary.
Chapter 3 How to Influence Behaviors and Culture.
Learning Objectives. Opening Insights. Culture Definition. How Culture
Influences Audit Processes. What Culture Works Best with Agility and AI. How
Change Management is Influenced by Culture. Defining Culture and Behavior
Change Management Strategy. Navigating Resistance: Leadership Strategies and
Real-World Change. Achieving Audit Standards. Summary.
Chapter 4 Agility in
Action: Rethinking Cybersecurity Audit. Learning Objectives. Opening
Insights. Agility Contradiction. Agile and Lean Management Principles. Agile
and Traditional Audit Approach. Agile Audit Team. Achieving Audit Standards.
Summary.
Chapter 5 Harnessing Artificial Intelligence: Enhancing
Cybersecurity Audits through Automation and Insight. Learning Objectives.
Opening Insights. Understanding AI Fundamentals. Logical and Physical
Security. Types of AI Models. AI Model Validation. AI Applications. Exploring
Chatbots. Exploring Predictive Analytics. Exploring AI Recommender Systems.
Exploring Robotic Process Automation (RPA). Empowering Cybersecurity Audits
through AI Oversight and Maturity. From Adoption to Optimization:
Understanding AI Maturity. AI Use Cases for Cybersecurity Auditors
Overview. AI Use Cases for Cybersecurity Auditors Audit Planning. AI Use
Cases for Cybersecurity Auditors Audit Engagements. AI Use Cases for
Cybersecurity Auditors Continuous Auditing. Charting the Path: Aligning
Standards, Culture, and Agility that Empower AI in Cybersecurity Audits.
Summary.
Chapter 6 Unlocking Artificial Intelligence: Knowledge, Context,
and Curated Resources. Learning Objectives. Opening Insights. AI Training
Roadmap for Cybersecurity Auditors. AI Competency Matrix for Cybersecurity
Auditors. AI Model Evaluation Checklist. AI Application Evaluation Template.
AI Maturity Model for Cybersecurity Audit Function. AI Audit Playbook: A
Practical Guide to Assessing and Governing Artificial Intelligence Systems.
Internal and External Information Sharing. Continuous Monitoring of Emerging
Artificial Intelligence Tools and Capabilities. Periodic Self-Assessments.
Measuring Success: Cybersecurity Audit Key Metrics for Evaluating AI
Performance. AI Bill of Rights: What You Should Know. Example Cybersecurity
Prompts. Example Additional Resources and References. Summary.
Dr. Linda Kostic is a dynamic and accomplished technology, cybersecurity, and risk professional with over three decades of industry experience and a strong passion for education and professional development. She currently serves as an adjunct professor at the University of Maryland Global Campus (UMGC), where she teaches undergraduate and graduate courses in cybersecurity governance, cybersecurity engineering, leadership, and information assurance. Her teaching approach emphasizes practical, real-world application and integrates AI-powered tools like ChatGPT to foster engagement and accessibility in online and hybrid classrooms.
Dr. Kostic holds a Doctorate in Information Assurance & Cybersecurity, a Master of Science in Telecommunications, and a Bachelor of Science in Accounting. She brings a unique blend of academic depth and corporate leadership, having held senior roles at Citi, T. Rowe Price, Transamerica, and E*TRADE Financial (now Morgan Stanley). Her expertise spans cybersecurity strategy, information technology and cybersecurity risk management, artificial intelligence, internal audit, threat intelligence, incident response, threat intelligence, and governance frameworks including NIST and ISO 31000.
She is also a published author and curriculum innovator. The Transforming Cybersecurity Audit Practices with Agility and AI is a book that merges her technical acumen with her vision for the future of cybersecurity auditing. Certified as a CPA, CISA, CISSP, CSCU, and CIMP, Dr. Kostic is an active contributor to ISACA's professional community, holding leadership positions and contributing to publications and framework development.
Through her work, Dr. Kostic continues to empower learners and professionals to adapt to evolving challenges in cybersecurity by blending rigor, innovation, and lifelong learning. Her LinkedIn profile reflects her commitment to professional growth, diversity, and mentorship across the technology and cybersecurity audit communities.
