security audit Archives

Wyden on Capitol Hill — Sen. Ron Wyden, D-Ore., at a Feb. 24 hearing of the Senate Committee on Energy and Natural Resources. Wyden asked online-testing firm ProctorU to bolster its cybersecurity. (Photo by Leigh Vogel-Pool/Getty Images)

Online testing firm agrees to security audit after inquiry from senator

It’s another case of privacy and security risks emerging in technology that is key to adapting to the coronavirus pandemic.

Apr 9, 2021 By Sean Lyngaas

The Department of Interior headquarters (Wikimedia)

The Interior Department OIG clearly had some fun hacking the agency’s Wi-Fi networks

The report by the Office of the Inspector General underscores how a tech-savvy team can expose and help fix gaping security holes.

Sep 17, 2020 By Sean Lyngaas

classified, laptop, hand, computer, dark — (Getty Images)

Improve controls on classified information, inspector general tells U.S. intelligence community

The IC has to ramp up how it manages and mitigates "the risk that a trusted privileged user could inappropriately access, modify, destroy, or exfiltrate classified data,”…

Nov 27, 2019 By Shannon Vavra

How to demonstrate trust in cybersecurity practices with organization leaders

A new report advises CISOs to measure their security investments and identify critical weaknesses by conducting continuous penetration testing.

Jun 4, 2019 By CyberScoop Staff

As threats increase, audit finds federal agencies struggle to implement cyber plans

“Until agencies more effectively implement the government’s approach and strategy, federal systems will remain at risk,” GAO warned.

Dec 19, 2018 By Sean Lyngaas

Symantec’s stock plummets after announcement of internal audit

Symantec is conducting an investigation over “concerns raised by a former employee.”

May 11, 2018 By Zaid Shoorbajee

The HHS building in Washington, D.C. (jinjian liang / Flickr)

Watchdog group calls on HHS to improve cyber defenses

The Department of Health and Human Service's Office of Inspector General said that a penetration test on four operating divisions identified "configuration management and access control vulnerabilities."

Dec 20, 2017 By Zaid Shoorbajee

Auditors get guidance on SSH key management

A new guide for auditors says SSH key management should be on their checklist because the proliferation of unmanaged keys for the ubiquitous encryption protocol means IT…

Sep 12, 2017 By Shaun Waterman

Sizing up risk management: Accountants issue guide for cyber audits

The largest professional organizations for qualified accountants issued guidance to its members this week about how to audit management claims about their company's cybersecurity.

May 26, 2017 By Shaun Waterman

Tech workers are routinely pressured to roll out products that aren’t secure, report says

What happens to projects that set aside security in favor of speed?

Apr 12, 2017