1st Edition
Transforming Cybersecurity Audit Practices with Agility and Artificial Intelligence (AI)
Forewords. Preface. Acknowledgements. Abbreviations. An Introduction: Charting a New Course for Cybersecurity Audit Professionals. Opening Insights. Why This Book, Why Now. Addressing Measurable Cybersecurity Audit Deficiencies. Future-Ready Auditing: Embracing Agility and AI. Foundations for Innovation and Insight. Chapter 1 – Understanding Audit Objectives, Expectations, Concepts, and Opportunities. Chapter 2 – Building Partnerships for Success. Chapter 3 – How to Influence Behaviors and Culture. Chapter 4 – Agility in Action: Rethinking Cybersecurity Audit. Chapter 5 – Harnessing Artificial Intelligence: Enhancing Cybersecurity Audits through Automation and Insight. Chapter 6 – Unlocking Artificial Intelligence: Knowledge, Context, and Curated Resources. Chapter Relationships. Be the Difference: Inspire Agility, Trust, and Innovation. Summary. Chapter 1 – Understanding Audit Objectives, Expectations, Concepts, and Opportunities. Learning Objectives. Opening Insights. Audit Objectives and Expectations. The Value of Internal Audit (IA) and Office of Inspector General (OIG). Audit Role Explained. Real World Lessons. Audit Complexity and Challenges (Opportunities) Explained. Relevance to Cybersecurity Auditing. Future of Cybersecurity Auditing. Summary. Chapter 2 – Building Partnerships for Success. Learning Objectives. Opening Insights. Three Lines of Defense. First Line of Defense (1LoD). Second Line of Defense (2LoD). Third Line of Defense (3LoD). Building Relationships. Streamlining Risk Assessments. Inform Audit Reporting and Executive Discussions. Achieving Audit Standards. Artificial Intelligence – Chat Generative Pre-Trained Transformer (ChatGPT) Sneak Peak (Open AI, 2024). Summary. Chapter 3 – How to Influence Behaviors and Culture. Learning Objectives. Opening Insights. Culture Definition. How Culture Influences Audit Processes. What Culture Works Best with Agility and AI. How Change Management is Influenced by Culture. Defining Culture and Behavior Change Management Strategy. Navigating Resistance: Leadership Strategies and Real-World Change. Achieving Audit Standards. Summary. Chapter 4 – Agility in Action: Rethinking Cybersecurity Audit. Learning Objectives. Opening Insights. Agility Contradiction. Agile and Lean Management Principles. Agile and Traditional Audit Approach. Agile Audit Team. Achieving Audit Standards. Summary. Chapter 5 – Harnessing Artificial Intelligence: Enhancing Cybersecurity Audits through Automation and Insight. Learning Objectives. Opening Insights. Understanding AI Fundamentals. Logical and Physical Security. Types of AI Models. AI Model Validation. AI Applications. Exploring Chatbots. Exploring Predictive Analytics. Exploring AI Recommender Systems. Exploring Robotic Process Automation (RPA). Empowering Cybersecurity Audits through AI Oversight and Maturity. From Adoption to Optimization: Understanding AI Maturity. AI Use Cases for Cybersecurity Auditors – Overview. AI Use Cases for Cybersecurity Auditors – Audit Planning. AI Use Cases for Cybersecurity Auditors – Audit Engagements. AI Use Cases for Cybersecurity Auditors – Continuous Auditing. Charting the Path: Aligning Standards, Culture, and Agility that Empower AI in Cybersecurity Audits. Summary. Chapter 6 – Unlocking Artificial Intelligence: Knowledge, Context, and Curated Resources. Learning Objectives. Opening Insights. AI Training Roadmap for Cybersecurity Auditors. AI Competency Matrix for Cybersecurity Auditors. AI Model Evaluation Checklist. AI Application Evaluation Template. AI Maturity Model for Cybersecurity Audit Function. AI Audit Playbook: A Practical Guide to Assessing and Governing Artificial Intelligence Systems. Internal and External Information Sharing. Continuous Monitoring of Emerging Artificial Intelligence Tools and Capabilities. Periodic Self-Assessments. Measuring Success: Cybersecurity Audit Key Metrics for Evaluating AI Performance. AI Bill of Rights: What You Should Know. Example Cybersecurity Prompts. Example Additional Resources and References. Summary.
Biography
Dr. Linda Kostic is a dynamic and accomplished technology, cybersecurity, and risk professional with over three decades of industry experience and a strong passion for education and professional development. She currently serves as an adjunct professor at the University of Maryland Global Campus (UMGC), where she teaches undergraduate and graduate courses in cybersecurity governance, cybersecurity engineering, leadership, and information assurance. Her teaching approach emphasizes practical, real-world application and integrates AI-powered tools like ChatGPT to foster engagement and accessibility in online and hybrid classrooms.
Dr. Kostic holds a Doctorate in Information Assurance & Cybersecurity, a Master of Science in Telecommunications, and a Bachelor of Science in Accounting. She brings a unique blend of academic depth and corporate leadership, having held senior roles at Citi, T. Rowe Price, Transamerica, and E*TRADE Financial (now Morgan Stanley). Her expertise spans cybersecurity strategy, information technology and cybersecurity risk management, artificial intelligence, internal audit, threat intelligence, incident response, threat intelligence, and governance frameworks including NIST and ISO 31000.
She is also a published author and curriculum innovator. The Transforming Cybersecurity Audit Practices with Agility and AI is a book that merges her technical acumen with her vision for the future of cybersecurity auditing. Certified as a CPA, CISA, CISSP, CSCU, and CIMP, Dr. Kostic is an active contributor to ISACA's professional community, holding leadership positions and contributing to publications and framework development.
Through her work, Dr. Kostic continues to empower learners and professionals to adapt to evolving challenges in cybersecurity by blending rigor, innovation, and lifelong learning. Her LinkedIn profile reflects her commitment to professional growth, diversity, and mentorship across the technology and cybersecurity audit communities.
In the contemporary business landscape, cybersecurity has transcended its technical origins to become a critical pillar of strategic decision-making. As organizations navigate this new era, the traditional audit paradigm must evolve to provide the public and stakeholders with the assurance that strategic choices are both sound and resilient. 'Transforming Cybersecurity Audit Practices with Agility and Artificial Intelligence (AI)' by Dr. Linda Kostic arrives with impeccable timing to address this very necessity.
Dr. Kostic offers a comprehensive roadmap that guides professionals and researchers through the essential transition from rigid, reactive checklists to proactive, intelligent systems. What makes this work truly unique and original is its dual-natured construction: it rigorously satisfies academic requirements while simultaneously delivering realistic, field-tested implementation strategies. By blending the rigor of audit standards with the transformative potential of AI and Agile methodologies, the book moves beyond mere compliance to foster a culture of innovation and shared risk ownership.
I am confident that this book will secure its rightful place in the relevant literature as a seminal resource. It is a must-read for anyone seeking to transform the cybersecurity audit function into a strategic asset that builds lasting stakeholder trust in an increasingly volatile digital world, i.e. VUCA-D.
Sezer Bozkus Kahyaoglu, PhD
Assoc Prof of Finance
CIA, CFE, CFSA, CRMA, CPA, CICP
