We all dread them; we all need them – security audits. They can take multiple forms, but without security audits we are unable to measure cybersecurity improvements and many deficiencies may never be brought to light. Security audits involve evaluating or analyzing people, processes, and technology surrounding the security aspects of an organization. Likewise, as organizational networks and cyber threats are constantly changing, security audits should be performed regularly to assess if current controls and processes sufficiently reduce risk against the ever-changing threat landscape. To better understand the types and approaches of security audits (and to help your utility’s favorite auditors), the EC-Council posted The Ultimate Guide to a Cybersecurity Audit: An Essential for Your Success. The post covers the process, workflow, and types of audits. Read more at EC-Council.