The Audit IT Audit Labs

Get ready for a special episode of The Audit! We're celebrating our 40th episode with Brian Johnson, host of the 7-Minute Security podcast, as we talk cybersecurity, social engineering, and some wild stories that you won't want to miss. 
We’ll explore the role of tabletop exercises in shoring up a company's security and dive into the fascinating world of open-source intelligence. We’ll uncover what it takes to protect against cyber threats, why pen testing matters, and how social engineering tests can be a rollercoaster of nerves. Brian also shares his journey from being a Christmas caroler in "Jingle All the Way" to being a cybersecurity consultant and podcast host. This episode is packed with insights, laughs, and even some hairless cats. 
Brian Johnson's journey from Christmas caroler in "Jingle All the Way" to cybersecurity consultant and podcast host The role of tabletop exercises in improving a company's security posture Pen testing insights: why it matters and how it's done Social engineering stories: the highs and lows of testing human vulnerabilities Open-source intelligence: what it is and why it's important for cybersecurity Unexpected surprises: including stories about skydiving and hairless cats If you're interested in cybersecurity and want to hear some great stories from the industry, this episode has you covered. Enjoy the laughs and insights, and don't forget to like, share, and subscribe for more content from The Audit. 
#Cybersecurity #PenTesting #SocialEngineering #Skydiving 

In this episode we explore the intersection of AI and cybersecurity in the construction industry with John Massie, Technology Director at Journey Group. 
John shares his insights on integrating technology to enhance cybersecurity and operational efficiency within the construction sector. The discussion covers a range of topics from combatting sophisticated phishing attacks to the strategic use of AI tools like ChatGPT and Copilot. Delve into the challenges of AI-generated content, governance, intellectual property concerns, and the transformative impact of AI on traditional business models. 
In this episode we cover: 
Best practices for AI in non-tech sectors Cybersecurity policies for AI Mitigating cyber security risks in construction AI's role in the construction industry Ethical challenges of AI-generated content Future trends in AI governance AI's implications for industry standards  
Stay tuned for more insights into the future of IT technology and its transformative effects on the business landscape. 
#AIcybersecurity #Cybersecurity #Infosec #ConstructionTech #AIPolicies 

Join us on The Audit for a critical examination of cybersecurity's latest frontiers: threats to our water system and the push for global IoT security standards.  
In this episode, our team of cybersecurity experts, Eric Brown and Nick Mellum, dissect the Biden administration's recent warnings about cyber-attacks on U.S. water utilities and delve into the newly announced IoT device security specifications by The Cloud Security Alliance (CSA). From nation-state actors targeting essential infrastructure to the complexities of securing IoT devices in your home, this discussion offers invaluable insights into safeguarding our digital and physical worlds. 
What You'll Learn: 
The significance of recent cybersecurity warnings regarding the water sector. The importance of a unified cybersecurity standard for IoT devices. Strategies for securing IoT devices within corporate and home networks. The role of cybersecurity in ensuring the safety and reliability of essential public utilities. 

In this episode of The Audit, we dive into the world of phishing to uncover the sophisticated tactics that make these scams the leading threat in cybersecurity. Join us as Jamie Arndt, a cybersecurity expert with extensive experience in reverse engineering and analyzing malicious emails, shares his insights and stories from the front lines. 
We’ll cover: 
• The rise of generative AI in crafting phishing emails that bypass traditional detection methods. 
• Real-world stories of phishing attacks, from impersonating school communications to exploiting professional relationships. 
• The psychological tactics used by attackers to exploit human nature and gain access to sensitive information. 
• Innovative defense strategies and tools that organizations can employ to protect themselves against phishing attempts. 
• Practical advice for individuals on recognizing phishing attempts and safeguarding personal information. 
This episode arms you with the knowledge of what to look for in phishing emails, emphasizing the importance of vigilance and education in the digital age. 

How exposed are your 3D printing operations to cyber threats? Is the intellectual property involved in 3D printing at risk, and can 3D printers themselves become targets for hackers?  
 
As 3D printing technology becomes more integrated into various industries, its cybersecurity implications cannot be ignored. This episode sheds light on the exciting world of 3D printing, focusing on its potential for innovation while addressing the significant cybersecurity challenges it faces. 
We'll explore: 
• The basics of 3D printing technology and its cybersecurity implications. 
• Protecting intellectual property in the realm of 3D printing. 
• The vulnerabilities of 3D printers to hacking and how to safeguard them. 
• Strategies for securing 3D printing operations against cyber threats. 
• Real-world examples of cybersecurity breaches in 3D printing. 
Whether you're a cybersecurity professional, a 3D printing enthusiast, or someone interested in the intersection of technology and security, this episode offers valuable insights into protecting your 3D printing projects.   

How secure is a VPN, really? Can a VPN server be hacked, and are these services truly safe? In this episode of The Audit, Joshua, Nick, and Eric tackle these pressing questions head-on.  
As the cybersecurity landscape evolves, Virtual Private Networks (VPNs) are increasingly common among cybersecurity professionals and enthusiasts alike... but how secure are they? In this episode, we take you through the mechanics of VPNs, their role in safeguarding your data, and the vulnerabilities that can expose users to risk.  

We'll cover: 
•  What are VPNs and how do they work? 
•  How to choose the right VPN provider: Considerations and pitfalls. 
•  The difference between corporate and personal VPN use and their unique challenges. 
•  How to mitigate risks associated with VPN usage. 
•  The recent Ivanti VPN breach 
 
If you care about your digital privacy, curious about how VPNs fit into your life, or pondering the real benefits and risks of using VPN services, then this episode is for you.