ISACA Now Blog

Knowledge & Insights > ISACA Now > Posts > Advocating for a Strong Cybersecurity Workforce, IT Audit Standards and NIST Reauthorization Act on Capitol Hill

Advocating for a Strong Cybersecurity Workforce, IT Audit Standards and NIST Reauthorization Act on Capitol Hill

| Posted at 3:02 PM by ISACA News | Category: ISACA | Permalink | Email this Post | Comments (0)

Members of ISACA’s US Public Policy Working Group recently gathered on Capitol Hill in Washington, D.C., to listen to inspiring speakers and to advocate for issues important to ISACA constituents, drawing from their personal experiences and professional backgrounds.

Over the course of a productive day, these ISACA volunteers met with Congressional members and staff leaders from seven districts from California, Illinois, New York, Texas and Virginia—states from where ISACA’s participants hailed. Key topics discussed included the National Institute of Standards and Technology (NIST) Reauthorization Bill (H.R. 6229), the value of authoring and introducing legislation focused on the future of IT audit, and the importance of certifications in preparing the workforce for cybersecurity jobs and closing the skills gap.

The participants expressed the importance of supporting H.R. 6229, as it would not only reauthorize NIST, but also strengthen research and development programs related to cybersecurity, artificial intelligence (AI), internet of things (IoT), and quantum computing and increase opportunities within the cybersecurity profession.

ISACA’s US Public Policy Working Group recently came together from across the country to engage in advocacy efforts on Capitol Hill.

Additionally, as some of the Public Policy Working Group had worked or currently work within government, they could also personally speak to the challenges of managing several audits throughout any given year in addition to the rest of their workload. They emphasized that improving and streamlining standards for audits would not only help make the process more efficient and deliver more meaningful results, but also incorporate emerging technologies such as AI that are currently not factored into most audits.

“As a member of the ISACA US Public Policy Working Group, I appreciated the opportunity to visit Capitol Hill to discuss legislative initiatives that impact my profession,” said Howard Duck, CISSP, CISM, CISA, PCIP, past president of the ISACA Sacramento chapter. “Joining other ISACA members in these discussions was interesting and informative for me.”

Another ISACA volunteer, Kyle Foley, CISA, CGEIT, CRISC, PMP, agreed. “Meeting with Congressional staff in the House and Senate to discuss ISACA's mission and information security issues, such as the NIST reauthorization legislation and our ‘One-Audit’ initiative, was fun, interesting, and rewarding.”

Joel Creswell, Ph.D., Legislative Assistant to Congressman Daniel Lipinski (IL-03), who kicked off the advocacy day by speaking to the group on Rep. Lipinski’s work in the research and development and science and engineering spaces, as well as on initiatives related to AI, quantum computing and cybersecurity education, noted that IT audits were a focal point of the roundtable discussion with ISACA the day before.

Another common issue that causes concern to both ISACA members and Congressional staff was the challenge in building a strong cybersecurity workforce and addressing existing skills gaps.

Nick Leiserson, Legislative Director for Congressman Jim Langevin (RI-02), spoke to the group mid-day and provided highlights from this year, such as the creation of the Cybersecurity and Infrastructure Security Agency, as well as a preview of what ISACA’s professional community might expect to see come out of the work of the 116th Congress.

During ISACA’s advocacy day, participants discussed key issues such as supporting the NIST Reauthorization Bill, envisioning legislation around the future of IT audit and closing the skills gap with certifications.

The experience was not only an opportunity to raise important issues, but also ended up being a milestone for the ISACA volunteers who participated. It was the first time each of them had been involved in such an advocacy day—and it was an experience they found to be very positive.

"ISACA continues to exceed my expectations, and today’s advocacy event was no exception,” said Angel Contreras, CISA, CDFM, senior manager, technology risk at EY. “Being able to meet with policymakers—having open discussions on the key cyber and audit challenges with the common goal of making progress to secure our enterprises—was a memorable experience that embodies what ISACA is all about." 

Added ISACA volunteer Kevin McDonald, CISSP, CISA, CRISC, CBCP, PMP, senior program manager at Copper River Enterprise Services, “This is a prime example of ISACA’s support for the industry and proactive approach to supporting the next generation challenges in audit and technology.”


There are no comments yet for this post.
You must be logged in and a member to post a comment to this blog.