What if your security team is playing defense while hackers play offense 24/7? Foster Davis, former Navy cyber warfare officer and founder of BreachBits, breaks down why traditional penetration tests become obsolete in weeks—and how continuous red teaming changes the game. From hunting pirates in the Indian Ocean to defending critical infrastructure, Foster shares hard-earned lessons about adversarial thinking, operational risk management, and why the junior person in the room might spot your biggest vulnerability.

What You'll Learn:

• Why red teaming creates psychological advantages penetration testing can't match
• How operational risk management translates technical findings into executive action
• The real cost of point-in-time security assessments (hint: ask St. Paul, Minnesota)
• Military-grade frameworks for continuous threat simulation in civilian organizations
• Why attackers operate 365 days a year—but most organizations test once

Don't let your organization become another headline. Security teams need to think like attackers, not just defenders. Subscribe for more conversations that challenge conventional cybersecurity thinking.

#RedTeam #CybersecurityStrategy #PenetrationTesting #MilitaryCyber #ThreatHunting #InfoSec

What if everything AI tells you about cybersecurity costs is completely wrong? The Audit crew unpacks a shocking data black hole that has infected every major AI model—plus field-tested tech that actually works.

In this laid-back Field Notes episode, Joshua Schmidt, Eric Brown, and Nick Mellum return from Gartner's CIO Symposium with insights that'll make you question your AI outputs. From discovering that the "trillions in cybercrime" statistic is pure fiction (the real number is 16.6 billion) to hands-on reviews of Starlink Mobile and Nothing earbuds, this episode delivers practical intelligence you won't find in vendor pitches.

Don't wait for the next data breach to question your assumptions. Subscribe for monthly Field Notes episodes that cut through the noise with honest, technical conversations you can trust.

#cybersecurity #AI #artificalintelligence #GartnerCIO #infosec #starlink #fieldnotes #cybertrends #datasecurity #AIbias

What happens when Apple Vision Pro meets enterprise AI? In this episode of The Audit, Alex Bratton—applied technologist and AI implementation expert—joins hosts Joshua Schmidt and Nick Mellem to reveal how spatial computing and artificial intelligence are colliding to reshape how we work. From conducting million-dollar sales meetings in virtual reality to building AI governance frameworks that actually work, Alex breaks down the cutting-edge tech that's moving faster than most organizations can keep up.

This isn't theoretical innovation—it's practical implementation. Alex shares real-world examples of pharmaceutical reps training with AI-powered virtual doctors, airlines redesigning airport gates in spatial environments, and manufacturing teams using Vision Pro for secure work on confidential documents at 30,000 feet. If you've been skeptical about AR/VR or overwhelmed by AI adoption, this conversation delivers the clarity you need to make informed decisions for your organization.

Key Topics:

• Why Apple Vision Pro is the "iPhone 1 moment" for spatial computing and what that means for enterprise security
• The three categories of AI tools: reactive assistants, task-based agents, and goal-oriented digital employees
• How to build AI governance frameworks without crushing innovation or falling behind competitors
• Real security concerns with AI tools and which vendors are actually protecting your data
• Why mid-market companies are outpacing Fortune 500s in AI adoption—and what that means for your industry
• Practical strategies for baking AI into company culture without triggering employee resistance
• The critical difference between free AI tools that steal your data and paid platforms that protect it

Whether you're a CISO evaluating AI tools, an IT director building governance policies, or a security professional trying to stay ahead of threats, this episode delivers actionable intelligence you can implement today. The AI revolution isn't coming—it's already here. The question is whether your organization will lead or get left behind.

#cybersecurity #infosec #AI #VR #AppleVisionPro

Ever wonder what the hosts of The Audit talk about when the mics are rolling but the formal interview isn't happening? This Field Notes episode gives you exactly that—unfiltered conversations covering everything from coffee preferences and glider flying to trademark scams targeting cybersecurity professionals.

Nick and Eric dive into Eric's latest aviation adventures (spoiler: gliders are apparently safer than planes with engines), share war stories about scam calls trying to exploit trademark filings, and swap tales about expensive vet visits. Plus, hear some nostalgic cybersecurity stories from the Wild West days when networks ran without firewalls and people could taste peanut butter straight from the jar at grocery stores.

Key Topics:

• Eric's glider pilot training and why it's "safer" than powered flight
• Trademark registration scams targeting IT professionals
• Coffee roasting tips from flight instructors
• Cybersecurity nostalgia: Temple University's router-only network
• Why Eric kept a scammer on the phone for 5 minutes during pickleball

Whether you're here for the cybersecurity insights or just want to know why Nick prefers Diet Coke to Coke Zero, this episode delivers the authentic conversations that happen between industry pros. Don't miss Eric's glider safety argument—it might just change your perspective on risk management.

#cybersecurity #infosec #fieldnotes #aviation #scamcalls #itauditlabs

Cybercriminals are exploiting X's Grok AI to bypass ad protections and spread malware to millions—while researchers discover your home Wi-Fi can now monitor your heart rate. This week's news breakdown covers the attack vectors you need to know about.

Join co-hosts Joshua Schmidt, Eric Brown, and Nick Mellem as they dive into the latest cybersecurity developments that could impact your organization tomorrow. From social media malvertising to biometric data harvesting through everyday devices, these aren't distant threats—they're happening now.

Key Topics Covered:

• How cybercriminals are weaponizing Grok AI for malvertising campaigns
• Why 10-15% of employees access risky content at work (and what to do about it)
• Wi-Fi devices that can detect heart rates from 10 feet away—privacy implications
• Amazon's Project Kuiper vs. Starlink: What 1GB satellite internet means for security
• Practical defenses: YubiKeys, browser isolation, and network redundancy strategies

Don't wait until your organization is the next headline. IT leaders need to stay ahead of evolving threats, and this episode delivers critical insights to help protect your business. Like, share, and subscribe for more in-depth security discussions!

#cybersecurity #infosec #grok #malware #starlink #wifi #privacy #ITsecurity

The threat landscape is moving faster than ever—and traditional response playbooks aren't keeping up. In this live Field Notes episode, Eric Brown and Nick Mellum dive into the surge of recent cyberattacks hitting state governments, transit systems, and critical infrastructure across the U.S.

From Nevada's complete state office shutdown to Maryland's Metro Transit paralysis, the hosts explore why organizations still "clam up" during breaches instead of sharing crucial threat intelligence. Drawing from their firsthand experience with the St. Paul incident and military-grade preparedness principles, they reveal the uncomfortable truth: you're not building higher walls anymore—you're planning for someone who's already inside.

Key Topics Covered:

• Recent state-level cyberattacks in Nevada and Maryland
• Why threat intelligence sharing fails when we need it most
• The human cost of breach response chaos and endless meetings
• How AI is being weaponized in sophisticated supply chain attacks
• Military mindset for cybersecurity: "Semper Gumby, always flexible"

Don't wait for the next headline. Subscribe for more unfiltered cybersecurity discussions that bridge the gap between technical reality and human preparation.

#cybersecurity #infosec #breach #threatintelligence #fieldnotes #livecast #CISO #cybersecuritynews

When ransomware hits a hospital, it's not just data that's at stake—patients are dying. Ed Gaudet, CEO of Censinet, reveals the shocking research proving what healthcare security professionals feared: cyberattacks on hospitals directly increase mortality rates and disrupt life-saving care.

But Ed's biggest concern? The eerie quiet before what he believes could be the next wave of coordinated attacks across multiple critical infrastructures. Plus, why Microsoft's approach to AI integration is making cybersecurity professionals lose sleep.

• Key Topics Covered:
• Why ransomware attacks on hospitals increase patient mortality rates
• The research behind healthcare cybersecurity's deadly consequences
• How the healthcare industry's digital transformation created new vulnerabilities
• Microsoft's problematic approach to forced AI integration
• The evolution from individual hackers to organized cybercrime syndicates
• Why Ed's "Spidey senses" are warning of coordinated infrastructure attacks

Don't wait until your organization becomes the next healthcare headline. Subscribe for more critical cybersecurity insights that could save more than just your data.

#healthcarecybersecurity #ransomware #patientsafety #cybersecurity #infosec #healthcare

What happens when your next hire isn't who they claim to be? In this eye-opening episode of The Audit, we dive deep into the alarming world of AI-powered hiring fraud with Justin Marciano and Paul Vann from Validia. From North Korean operatives using deepfakes to infiltrate Fortune 500 companies to proxy interviews becoming the new normal, this conversation exposes the security crisis hiding in plain sight.

Key Topics Covered:

• North Korean operatives stealing US salaries to fund nuclear programs
• How Figma had to re-verify their entire workforce after infiltration
• Live demonstrations of deepfake technology (Pickle AI, DeepLiveCam)
• Why 80-90% of engineers believe interview cheating is rampant
• Validia's "Truly" tool vs. Cluely's AI interview assistance
• The future of identity verification in remote work
• Why behavioral biometrics might be our last defense

This isn't just about hiring fraud—it's about the fundamental breakdown of digital trust in an AI-first world. Whether you're a CISO, talent leader, or anyone involved in remote hiring, this episode reveals threats you didn't know existed and solutions you need to implement today.

Don't let your next hire be your biggest security breach. Subscribe for more cutting-edge cybersecurity insights that you won't find anywhere else.

#deepfakes #cybersecurity #hiring #AI #infosec #northkorea #fraud #identity #remote #validia