The Audit - Cybersecurity Podcast

IT Audit Labs

Brought to you by IT Audit Labs. Trusted cyber security experts and their guests discuss common security threats, threat actor techniques and other industry topics. IT Audit Labs provides organizations with the leverage of a network of partners and specialists suited for your needs. ​ We are experts at assessing security risk and compliance, while providing administrative and technical controls to improve our clients’ data security. Our threat assessments find the soft spots before the bad guys do, identifying likelihood and impact, while our security control assessments rank the level of maturity relative to the size of the organization.

  1. 5D AGO

    The Audit 2025: Deepfakes, Quantum & AI That Changed Everything

    In this special year-end episode, Joshua Schmidt revisits the most mind-bending moments from The Audit's 2025 season. From Justin Marciano and Paul Vann demonstrating live deepfakes in real-time (yes, they actually did it on camera) to Bill Harris explaining how Google's quantum experiments suggest parallel universes, to Alex Bratton's urgent warning about the AI adoption crisis happening right now in boardrooms everywhere.  What You'll Learn:  How adversaries are using free tools to create convincing deepfakes for job interviews and social engineering attacks—and why this represents a national security threat  Why NASA shut down its quantum computer after getting results that "challenge contemporary thinking" (and the wild theories circulating about what they discovered)  The critical mistake companies are making with AI integration: racing ahead without governance, security frameworks, or responsible use policies  How the Pi-hole community exemplifies open-source security at its best—enterprise-grade protection at fractions of the cost  Why IT teams saying "no" to AI isn't realistic, and what responsible AI adoption actually looks like This isn't just a recap—it's a wake-up call. These conversations reveal the inflection points where standing still means falling behind. Whether you're a CISO, security analyst, IT auditor, or business leader trying to navigate AI adoption, these clips offer the perspective you need heading into 2026.  Don't wait until 2026 to realize you missed the critical shift. Subscribe now for cutting-edge cybersecurity insights that keep you ahead of evolving threats.  #cybersecurity #deepfake #quantumcomputing #AI #infosec #ethicalhacking #cyberdefense #2025yearinreview

    23 min

  2. 12/15/2025

    Gaming to Cybersecurity: How AI Agents Fight Alert Overload

    What if you could hire an army of AI security analysts that work 24/7 investigating alerts so your human team can focus on what actually matters? Edward Wu, founder and CEO of DropZone AI, joins The Audit crew to reveal how large language models are transforming security operations—and why the future of cyber defense looks more like a drone war than traditional SOC work.  From his eight years at AttackIQ generating millions of security alerts (and the fatigue that came with them), Edward built DropZone to solve the problem he helped create: alert overload. This conversation goes deep on AI agents specializing in different security domains, the asymmetry problem between attackers and defenders, and why deepfakes might require us to use "safe words" before every Zoom call.  What You'll Learn:  How AI tier-1 analysts automate 90% of alert triage to find real threats faster Why attackers only need to be right once, but AI can level the playing field Real-world deepfake attacks hitting finance teams right now The societal implications of AI-driven social engineering at scale Whether superintelligence will unlock warp engines or just better spreadsheets If alert fatigue is crushing your security team, this episode delivers the blueprint for fighting back with AI. Hit subscribe for more conversations with security leaders who are actually building the future—not just talking about it.  #cybersecurity #AIforCybersecurity #SOC #SecurityOperations #AlertFatigue #DropZoneAI #ThreatDetection #IncidentResponse #CyberDefense #SecurityAutomation

    35 min

  3. 12/01/2025

    Critical Infrastructure: Everything is Connected and Vulnerable

    When hackers target the systems controlling your water, power, and transportation, the consequences go far beyond data breaches—people can die. Leslie Carhartt, Technical Director of Incident Response at Dragos, pulls back the curtain on one of cybersecurity's most critical blind spots: industrial control systems that keep society running but remain dangerously exposed.  What You'll Learn:  Why industrial control systems can't be updated like your laptop—and what that means for security How threat actors are using AI to generate custom malware for power plants and water treatment facilities The real state of critical infrastructure security (spoiler: forget about air gaps) Why commodity ransomware has become an existential threat to industrial operations The five critical controls organizations should implement right now to defend OT environments Don't wait until your organization becomes the next headline. Like, share, and subscribe for more in-depth security intelligence that goes beyond the buzzwords.  #industrialcybersecurity #criticalinfrastructure #OTsecurity #ICS #SCADA #dragos #incidentresponse #ransomware #AIthreats #cybersecurity #infosec

    33 min

  4. 11/17/2025

    Red Team Warfare: A Navy Cyber Officer's Inside Look at Military Offensive Operations

    What if your security team is playing defense while hackers play offense 24/7? Foster Davis, former Navy cyber warfare officer and founder of BreachBits, breaks down why traditional penetration tests become obsolete in weeks—and how continuous red teaming changes the game. From hunting pirates in the Indian Ocean to defending critical infrastructure, Foster shares hard-earned lessons about adversarial thinking, operational risk management, and why the junior person in the room might spot your biggest vulnerability.  What You'll Learn:  Why red teaming creates psychological advantages penetration testing can't match How operational risk management translates technical findings into executive action The real cost of point-in-time security assessments (hint: ask St. Paul, Minnesota) Military-grade frameworks for continuous threat simulation in civilian organizations Why attackers operate 365 days a year—but most organizations test once Don't let your organization become another headline. Security teams need to think like attackers, not just defenders. Subscribe for more conversations that challenge conventional cybersecurity thinking.  #RedTeam #CybersecurityStrategy #PenetrationTesting #MilitaryCyber #ThreatHunting #InfoSec

    41 min

  5. 11/03/2025

    Field Notes: AI's $10 Trillion Lie + Coffee Roasting & Starlink Hacks

    What if everything AI tells you about cybersecurity costs is completely wrong? The Audit crew unpacks a shocking data black hole that has infected every major AI model—plus field-tested tech that actually works. In this laid-back Field Notes episode, Joshua Schmidt, Eric Brown, and Nick Mellum return from Gartner's CIO Symposium with insights that'll make you question your AI outputs. From discovering that the "trillions in cybercrime" statistic is pure fiction (the real number is 16.6 billion) to hands-on reviews of Starlink Mobile and Nothing earbuds, this episode delivers practical intelligence you won't find in vendor pitches. Don't wait for the next data breach to question your assumptions. Subscribe for monthly Field Notes episodes that cut through the noise with honest, technical conversations you can trust. #cybersecurity #AI #artificalintelligence #GartnerCIO #infosec #starlink #fieldnotes #cybertrends #datasecurity #AIbias

    26 min

  6. 10/20/2025

    Apple Vision Pro Meets AI: Why Your Company Needs Both

    What happens when Apple Vision Pro meets enterprise AI? In this episode of The Audit, Alex Bratton—applied technologist and AI implementation expert—joins hosts Joshua Schmidt and Nick Mellem to reveal how spatial computing and artificial intelligence are colliding to reshape how we work. From conducting million-dollar sales meetings in virtual reality to building AI governance frameworks that actually work, Alex breaks down the cutting-edge tech that's moving faster than most organizations can keep up.  This isn't theoretical innovation—it's practical implementation. Alex shares real-world examples of pharmaceutical reps training with AI-powered virtual doctors, airlines redesigning airport gates in spatial environments, and manufacturing teams using Vision Pro for secure work on confidential documents at 30,000 feet. If you've been skeptical about AR/VR or overwhelmed by AI adoption, this conversation delivers the clarity you need to make informed decisions for your organization.  Key Topics:  Why Apple Vision Pro is the "iPhone 1 moment" for spatial computing and what that means for enterprise security The three categories of AI tools: reactive assistants, task-based agents, and goal-oriented digital employees How to build AI governance frameworks without crushing innovation or falling behind competitors Real security concerns with AI tools and which vendors are actually protecting your data Why mid-market companies are outpacing Fortune 500s in AI adoption—and what that means for your industry Practical strategies for baking AI into company culture without triggering employee resistance The critical difference between free AI tools that steal your data and paid platforms that protect it  Whether you're a CISO evaluating AI tools, an IT director building governance policies, or a security professional trying to stay ahead of threats, this episode delivers actionable intelligence you can implement today. The AI revolution isn't coming—it's already here. The question is whether your organization will lead or get left behind.  #cybersecurity #infosec #AI #VR #AppleVisionPro

    37 min

  7. 10/06/2025

    Field Notes: Coffee, Gliders & Trademark Scams

    Ever wonder what the hosts of The Audit talk about when the mics are rolling but the formal interview isn't happening? This Field Notes episode gives you exactly that—unfiltered conversations covering everything from coffee preferences and glider flying to trademark scams targeting cybersecurity professionals.  Nick and Eric dive into Eric's latest aviation adventures (spoiler: gliders are apparently safer than planes with engines), share war stories about scam calls trying to exploit trademark filings, and swap tales about expensive vet visits. Plus, hear some nostalgic cybersecurity stories from the Wild West days when networks ran without firewalls and people could taste peanut butter straight from the jar at grocery stores.  Key Topics:   Eric's glider pilot training and why it's "safer" than powered flight  Trademark registration scams targeting IT professionals  Coffee roasting tips from flight instructors  Cybersecurity nostalgia: Temple University's router-only network  Why Eric kept a scammer on the phone for 5 minutes during pickleball Whether you're here for the cybersecurity insights or just want to know why Nick prefers Diet Coke to Coke Zero, this episode delivers the authentic conversations that happen between industry pros. Don't miss Eric's glider safety argument—it might just change your perspective on risk management.  #cybersecurity #infosec #fieldnotes #aviation #scamcalls #itauditlabs

    25 min

  8. 09/22/2025

    Cybersecurity News: Grok AI Hijacked for Malware, Wi-Fi Heart Rate Hacks, Starlink Competition

    Cybercriminals are exploiting X's Grok AI to bypass ad protections and spread malware to millions—while researchers discover your home Wi-Fi can now monitor your heart rate. This week's news breakdown covers the attack vectors you need to know about.  Join co-hosts Joshua Schmidt, Eric Brown, and Nick Mellem as they dive into the latest cybersecurity developments that could impact your organization tomorrow. From social media malvertising to biometric data harvesting through everyday devices, these aren't distant threats—they're happening now.  Key Topics Covered:   How cybercriminals are weaponizing Grok AI for malvertising campaigns Why 10-15% of employees access risky content at work (and what to do about it)  Wi-Fi devices that can detect heart rates from 10 feet away—privacy implications  Amazon's Project Kuiper vs. Starlink: What 1GB satellite internet means for security  Practical defenses: YubiKeys, browser isolation, and network redundancy strategies Don't wait until your organization is the next headline. IT leaders need to stay ahead of evolving threats, and this episode delivers critical insights to help protect your business. Like, share, and subscribe for more in-depth security discussions!  #cybersecurity #infosec #grok #malware #starlink #wifi #privacy #ITsecurity

    15 min
See All (82)

Ratings & Reviews

5
out of 5
7 Ratings

About

Brought to you by IT Audit Labs. Trusted cyber security experts and their guests discuss common security threats, threat actor techniques and other industry topics. IT Audit Labs provides organizations with the leverage of a network of partners and specialists suited for your needs. ​ We are experts at assessing security risk and compliance, while providing administrative and technical controls to improve our clients’ data security. Our threat assessments find the soft spots before the bad guys do, identifying likelihood and impact, while our security control assessments rank the level of maturity relative to the size of the organization.

Information

  • Creator
    IT Audit Labs
  • Years Active
    2022 - 2025
  • Episodes
    82
  • Rating
    Explicit
  • Copyright
    © 2025 The Audit - Cybersecurity Podcast
  • Show Website
    The Audit - Cybersecurity Podcast