About the Book
In an era where cyber threats evolve faster than traditional defenses can adapt, the need for a paradigm shift in cybersecurity auditing has never been more urgent. Transforming Cybersecurity Audit Practices with Agility and Artificial Intelligence (AI) presents a groundbreaking approach to modernizing audit methodologies by integrating agile principles and artificial intelligence. This book explores how conventional audit frameworks—often rigid, reactive, and siloed—can be reimagined into dynamic, proactive, and intelligent systems that align with the pace of digital transformation.
Drawing from real-world case studies, industry standards, and emerging technologies, this book provides a comprehensive roadmap for cybersecurity audit, cybersecurity, and information technology professionals seeking to enhance audit and risk management effectiveness and resilience. It delves into the application of agile methodologies to audit planning, execution, and reporting, enabling continuous assurance and iterative risk assessment. Simultaneously, it examines the transformative role of AI in automating control testing, anomaly detection, and predictive analytics, thereby reducing human error and increasing audit precision.
Key themes include the cultural and organizational shifts required to embrace agility, the ethical and governance considerations of AI in auditing, and the development of hybrid audit models that balance automation with human oversight. This book also offers practical tools, frameworks, and metrics to guide implementation and measure success.
Whether you're modernizing an internal cybersecurity audit function or building a next-generation cybersecurity assurance program, this book equips you with the insights and strategies to lead with confidence in a rapidly changing threat landscape. It is both a call to action and a practical guide for transforming cybersecurity audits into agile, intelligent, and future-ready practices.
Table of Contents:
Forewords. Preface. Acknowledgements. Abbreviations. An Introduction: Charting a New Course for Cybersecurity Audit Professionals. Opening Insights. Why This Book, Why Now. Addressing Measurable Cybersecurity Audit Deficiencies. Future-Ready Auditing: Embracing Agility and AI. Foundations for Innovation and Insight. Chapter 1 – Understanding Audit Objectives, Expectations, Concepts, and Opportunities. Chapter 2 – Building Partnerships for Success. Chapter 3 – How to Influence Behaviors and Culture. Chapter 4 – Agility in Action: Rethinking Cybersecurity Audit. Chapter 5 – Harnessing Artificial Intelligence: Enhancing Cybersecurity Audits through Automation and Insight. Chapter 6 – Unlocking Artificial Intelligence: Knowledge, Context, and Curated Resources. Chapter Relationships. Be the Difference: Inspire Agility, Trust, and Innovation. Summary. Chapter 1 – Understanding Audit Objectives, Expectations, Concepts, and Opportunities. Learning Objectives. Opening Insights. Audit Objectives and Expectations. The Value of Internal Audit (IA) and Office of Inspector General (OIG). Audit Role Explained. Real World Lessons. Audit Complexity and Challenges (Opportunities) Explained. Relevance to Cybersecurity Auditing. Future of Cybersecurity Auditing. Summary. Chapter 2 – Building Partnerships for Success. Learning Objectives. Opening Insights. Three Lines of Defense. First Line of Defense (1LoD). Second Line of Defense (2LoD). Third Line of Defense (3LoD). Building Relationships. Streamlining Risk Assessments. Inform Audit Reporting and Executive Discussions. Achieving Audit Standards. Artificial Intelligence – Chat Generative Pre-Trained Transformer (ChatGPT) Sneak Peak (Open AI, 2024). Summary. Chapter 3 – How to Influence Behaviors and Culture. Learning Objectives. Opening Insights. Culture Definition. How Culture Influences Audit Processes. What Culture Works Best with Agility and AI. How Change Management is Influenced by Culture. Defining Culture and Behavior Change Management Strategy. Navigating Resistance: Leadership Strategies and Real-World Change. Achieving Audit Standards. Summary. Chapter 4 – Agility in Action: Rethinking Cybersecurity Audit. Learning Objectives. Opening Insights. Agility Contradiction. Agile and Lean Management Principles. Agile and Traditional Audit Approach. Agile Audit Team. Achieving Audit Standards. Summary. Chapter 5 – Harnessing Artificial Intelligence: Enhancing Cybersecurity Audits through Automation and Insight. Learning Objectives. Opening Insights. Understanding AI Fundamentals. Logical and Physical Security. Types of AI Models. AI Model Validation. AI Applications. Exploring Chatbots. Exploring Predictive Analytics. Exploring AI Recommender Systems. Exploring Robotic Process Automation (RPA). Empowering Cybersecurity Audits through AI Oversight and Maturity. From Adoption to Optimization: Understanding AI Maturity. AI Use Cases for Cybersecurity Auditors – Overview. AI Use Cases for Cybersecurity Auditors – Audit Planning. AI Use Cases for Cybersecurity Auditors – Audit Engagements. AI Use Cases for Cybersecurity Auditors – Continuous Auditing. Charting the Path: Aligning Standards, Culture, and Agility that Empower AI in Cybersecurity Audits. Summary. Chapter 6 – Unlocking Artificial Intelligence: Knowledge, Context, and Curated Resources. Learning Objectives. Opening Insights. AI Training Roadmap for Cybersecurity Auditors. AI Competency Matrix for Cybersecurity Auditors. AI Model Evaluation Checklist. AI Application Evaluation Template. AI Maturity Model for Cybersecurity Audit Function. AI Audit Playbook: A Practical Guide to Assessing and Governing Artificial Intelligence Systems. Internal and External Information Sharing. Continuous Monitoring of Emerging Artificial Intelligence Tools and Capabilities. Periodic Self-Assessments. Measuring Success: Cybersecurity Audit Key Metrics for Evaluating AI Performance. AI Bill of Rights: What You Should Know. Example Cybersecurity Prompts. Example Additional Resources and References. Summary.
About the Author :
Dr. Linda Kostic is a dynamic and accomplished technology, cybersecurity, and risk professional with over three decades of industry experience and a strong passion for education and professional development. She currently serves as an adjunct professor at the University of Maryland Global Campus (UMGC), where she teaches undergraduate and graduate courses in cybersecurity governance, cybersecurity engineering, leadership, and information assurance. Her teaching approach emphasizes practical, real-world application and integrates AI-powered tools like ChatGPT to foster engagement and accessibility in online and hybrid classrooms.
Dr. Kostic holds a Doctorate in Information Assurance & Cybersecurity, a Master of Science in Telecommunications, and a Bachelor of Science in Accounting. She brings a unique blend of academic depth and corporate leadership, having held senior roles at Citi, T. Rowe Price, Transamerica, and E*TRADE Financial (now Morgan Stanley). Her expertise spans cybersecurity strategy, information technology and cybersecurity risk management, artificial intelligence, internal audit, threat intelligence, incident response, threat intelligence, and governance frameworks including NIST and ISO 31000.
She is also a published author and curriculum innovator. The Transforming Cybersecurity Audit Practices with Agility and AI is a book that merges her technical acumen with her vision for the future of cybersecurity auditing. Certified as a CPA, CISA, CISSP, CSCU, and CIMP, Dr. Kostic is an active contributor to ISACA's professional community, holding leadership positions and contributing to publications and framework development.
Through her work, Dr. Kostic continues to empower learners and professionals to adapt to evolving challenges in cybersecurity by blending rigor, innovation, and lifelong learning. Her LinkedIn profile reflects her commitment to professional growth, diversity, and mentorship across the technology and cybersecurity audit communities.
