Information security risk has evolved dramatically over time. However, many of the strategies that are deployed to manage this risk are not adequately addressing the true security needs. Complexities with IOT (Internet of Things), cloudification, the Advanced Persistent Threat and more make the challenge of addressing risk even more difficult at times. Attackers are capable of bypassing perimeter defenses to target organization information assets. Attacks are more sophisticated and difficult to detect. The Auditing Cybersecurity course focuses on the key controls that should exist to provide a strong cybersecurity posture, including the capabilities to protect, detect, respond and recover from cybersecurity incidents. A number of different standards such as the NIST Cybersecurity Framework will be looked at during this course. The course also investigates key controls that should be in place, including how auditors can successfully audit for the effectiveness of controls. Hands-on exercises including exercises using Metasploit, Nikto, Nipper and more help reinforce the material by better understanding the attacker tools and auditor tools that are available.Level: All levels, 24 CPEs