SOC Audits Decoded: What Your Business Needs to Know Now!

Are SOC audits just another compliance requirement, or do they provide real security value? In this episode of The Audit, we sit down with Adam Russell from Schellman to debunk common misconceptions about SOC audits and explore why they’re more than just a checkbox exercise—especially for startups. Adam joins the IT Audit Labs team for a deep dive into the often-misunderstood world of attestations, sharing expert insights on how organizations can effectively prepare for a SOC audit and determine which security assessments best fit their needs.  In this episode we discuss: - The biggest mistakes startups make with SOC audits - Why SOC 2 is more flexible than you might think - The myth that big companies are always secure - How SOC assessments can strengthen security culture - Gamified training & newsletters for better compliance engagement - How external auditors can empower internal teams Whether you're preparing for your first SOC audit or navigating complex compliance requirements, this episode is packed with actionable insights to help you enhance security and compliance strategies. 🔔 Subscribe for more cybersecurity insights! #Cybersecurity #SOCAudit #Compliance #StartupSecurity #TheAuditPodcast 

Think audits are just paperwork? Think again. They’re the frontline defense against security gaps, data breaches, and unchecked access. In this episode of The Audit, we break down how Elon Musk’s unexpected access to FEMA’s sensitive data underscores the critical role of audits in organizational security. We reveal how regular audits and third-party reviews expose vulnerabilities, enforce accountability, and strengthen cyber defenses before attackers can exploit them. Key Topics We Cover:       • How audits uncover hidden cybersecurity risks       • Finland’s cutting-edge approach to cyber resilience       • Why tabletop exercises and real-world drills are game changers       • A shocking social engineering attack at a library—and what it teaches us Cyber threats evolve fast—don’t wait until you’re the next headline. Whether you're a cybersecurity pro or just getting started, this episode is packed with actionable insights you can’t afford to miss. Like, share, and subscribe for the latest cybersecurity news and expert analysis! #Cybersecurity #Auditing #Infosec #SocialEngineering #SecurityNews 

You’re Being Hacked Right Now—And You Don’t Even Know It Ever wonder how cybercriminals manipulate human behavior to breach even the most secure organizations?  In this episode of The Audit, Eric Brown and Nick Mellum sit down with renowned social engineer and penetration tester Alethe Denis to break down real-world hacking techniques, red team strategies, and the shocking ways attackers exploit trust. From winning DEF CON’s Black Badge Social Engineering competition to executing high-stakes red team engagements, Alith shares jaw-dropping stories and expert insights on modern security threats. Key topics we cover: The art of social engineering and why it still works Wildly effective pretexts hackers use to gain access How AI and deepfakes are shaping the future of cybercrime Physical penetration testing stories that will make you rethink office security Simple but powerful strategies to protect yourself and your organization Don't wait until your organization is the next headline. Whether you're a cybersecurity pro or just getting started, this episode is packed with eye-opening insights you can’t afford to miss. Like, share, and subscribe for more in-depth security discussions! #Cybersecurity #SocialEngineering #PenTesting #EthicalHacking #RedTeam 

Discover the hidden risks of browser extensions, cybersecurity incidents, and more with hosts Eric Brown and Nick Mellum. In this episode, we dive into the dangers of tools like Honey, the fallout from Proton’s global outage, and the ingenious tactics used by cybercriminals to target unsuspecting users. Eric and Nick also share their insights on using big data to enhance security, the role of AI in addressing threats, and practical tips for staying ahead of the ever-changing tech landscape in 2025. We'll cover: The surprising risks behind popular browser extensions like Honey Lessons from Proton’s global outage and the importance of preparation How cybercriminals use voice phishing to exploit tech giants Practical steps to improve organizational security and educate users Balancing security and accessibility in modern systems From practical advice to thought-provoking insights, this episode delivers actionable takeaways for anyone navigating today’s tech landscape. #Cybersecurity #TechNews #DataPrivacy #RiskManagement #DigitalSafety 

Dive into the transformative power of data in cybersecurity in this must-watch episode with Wade Baker, where cutting-edge insights meet real-world applications.  Hear from The Audit Team as we discover how massive data sets are reshaping risk management, AI’s evolving role in combating cyber threats, and the surprising insights data can unveil about security incidents. We also dive into ransomware trends, phishing techniques, the ethics of AI, and the critical role of storytelling in decision-making, with some fun nods to fantasy swords along the way. In this episode, we discuss: Using big data to tackle cybersecurity challenges Ransomware and phishing trends The ethical debate around AI in security Unique discoveries from security data analysis Practical strategies for influencing decision-makers  Catch this insightful conversation and stay ahead of the cybersecurity curve. Like, share, and subscribe for more expert discussions on the latest security trends! #Cybersecurity #DataAnalytics #RiskManagement 

Join us for an eye-opening discussion on cybersecurity in travel with ethical hacker Matthew Wold from Ramsey County. Matthew shares how his passion for cybersecurity took root at Ramsey County, leading to collaborations with co-hosts Eric Brown and Nick Mellem. We kick things off with a lighthearted chat about survival items on a deserted island, setting the stage for a lively and insightful conversation.From RFID shields to OMG cables, we unpack practical tips for protecting your digital and personal safety while traveling. Learn how to navigate risks like compromised USB ports, hidden cameras in hotel rooms, and data privacy challenges across borders. With advice on VPNs, securing SIM cards, managing passwords, and safeguarding luggage, this episode is packed with essential strategies to ensure your travel experiences remain secure and worry-free.

From Gmail 2FA bypass warnings to SEO poisoning campaigns, we’re diving into the latest cybersecurity headlines reshaping the industry.  We explore how attackers are using hyper-specific search terms—like the legality of Bengal cats—to deliver malware and manipulate search results. Plus, we discuss advancements in AI-powered behavioral analytics, from cutting down false alerts to streamlining incident response. With real-world insights and actionable tips, this episode is packed with must-know updates for IT professionals navigating today’s ever-evolving threat landscape. In this episode, we'll discuss: Gmail session cookie theft and bypassing two-factor authentication. SEO poisoning campaigns delivering malware via niche search terms. AI-driven behavioral analytics improving incident response. Real-world social engineering and user behavior risks. Balancing usability and security with tools like passkeys. Thanks for tuning into The Audit. Subscribe on Spotify, Apple Podcasts, or YouTube to stay informed on the latest in cybersecurity. Don’t forget to follow us on social media and share with your network! #CybersecurityNews #2FA #BehavioralAnalytics #IncidentResponse #SEOPoisoning #ITSecurity #DataProtection 

In this episode of The Audit, we dive into key takeaways from a top cybersecurity event. From IoT hacking and RFID bypasses to AI governance and vishing bots, we explore the tools and strategies shaping security. Plus, real-world lessons, social engineering insights, and a few unexpected laughs—because security isn’t always all business.  In This Episode We’ll Cover: RFID hacking and social engineering insights from WWHF. Cameron’s IoT hacking training highlights. AI advancements and governance takeaways. Challenges with regulations and compliance in cybersecurity. Project management lessons inspired by Elon Musk.  Thanks for joining us for this glimpse into one of the year’s most unique cybersecurity events. Don’t forget to subscribe and share this episode with your team—we’ll see you at the next conference. #WWHackinFest #InfoSecConferences #Cybersecurity #AIThreats #IoTSecurity #SocialEngineering 

In this episode, we dive into emerging tech with Marsha Maxwell, co-founder of If These Lands Could Talk and Head of Innovation at Atlanta International School. Marsha shares insights on empowering indigenous and underserved communities through AI and VR, the ethical challenges of integrating AI, and the importance of digital inclusion. We discuss the impact of AI on knowledge, culture, and education and examine how to responsibly bridge gaps in tech access worldwide. In this episode we cover: Exploring AI and VR for indigenous and underserved communities Bridging digital divides: Tech access for all Ethical challenges in AI and identity How to navigate digital authenticity in the age of deepfakes The future of AI in creative and cultural spaces Practical strategies for blending AI with education and learning Tune in for a compelling look at the intersection of technology, education, and culture. Don’t forget to like, subscribe, and share to stay updated with our latest episodes! #ArtificialIntelligence #EmergingTech #DigitalInclusion #CyberSecurity #DataProtection #AIinSecurity 

Building secure software isn't optional—It's critical. Here’s how you can do it right!  In this episode of The Audit presented by IT Audit Labs, we’re joined by Francis Ofungwu, CEO of DevSecFlow, to break down the urgent topic of software security. Together with Nick Mellom and Bill Harris, we dive into the common security threats developers face today and discuss the vital steps every company should take to secure their software development lifecycle. In this episode, we’ll cover: The biggest software security threats developers face in 2024 How to integrate security seamlessly into the software development lifecycle The convergence of infrastructure security and software security The role of AI in secure coding and software development The importance of threat modeling and attack surface reviews How to create a more resilient software supply chain and manage risk effectively Whether you’re a developer, security pro, or IT decision-maker, this episode is packed with actionable insights to elevate your security strategy and ensure your software is built to withstand today’s evolving cyber threats. Don’t forget to hit that subscribe button and drop a comment below on your top takeaway! #CyberSecurity #DevSecOps #SoftwareSecurity #AICoding #IncidentResponse  #ITSecurity #CloudSecurity #RiskManagement