Tabletop Exercises 2.0: How OpsBook Is Changing the Game
What happens when your carefully crafted incident response playbook becomes worthless? Cody Sullivan from OpsBook reveals the brutal truth about tabletop exercises: most organizations are practicing with medieval armor for a drone war. From 70-participant, 6-hour exercises spanning three continents to the harsh reality of insider threats, this conversation exposes the gaps that could leave your organization bleeding when the real attack comes. Key Topics Covered: Why "tribal knowledge" is your organization's biggest security risk The insider threat scenario that makes every tabletop exercise go sideways How AI is revolutionizing incident response preparation through OpsBook's ontology Why your playbooks are useless if hackers have them too The "Derek Jeter approach" to cybersecurity preparedness From real estate to tech: spotting warning signs before the industry shift The crew shares fresh insights from a recent school district tabletop that exposed critical single points of failure, while Cody demonstrates how modern organizations are turning decision-making into muscle memory, not just memos. This isn't theory—it's the frontlines of organizational resilience where one overlooked vulnerability could trigger catastrophic failure. Like, share, and subscribe for more in-depth security discussions that prepare you for tomorrow's threats, not just today's compliance checkboxes! #tabletopexercise #incidentresponse #cybersecurity #infosec #AI #opsbook
--------
38:36
The Invisible Threats: OT Meets IT in Modern Manufacturing
Think you can manage industrial systems like your IT infrastructure? Think again. In this episode of The Audit, Dino Busalachi unpacks the high-stakes complexity of OT-IT convergence—and why your trusty IT playbook flatlines on the plant floor. Join the IT Audit Labs crew as we dive into the chaos of managing 10,000+ industrial assets across a sprawling landscape of vendors, protocols, and operational rules that laugh in the face of standardization. From Siemens to Rockwell to Honeywell, Dino draws sharp parallels to hospital systems juggling specialized third-party contractors—because in the world of OT, consistency is a luxury and adaptability is survival.🔧 Key Topics Covered: • Why OT environments resist IT standardization efforts • Managing thousands of industrial assets from multiple vendors • The hospital analogy: treating OT specialists like medical contractors • Building effective partnerships between OT and IT teams • Real-world challenges of securing industrial control systems #OTSecurity #ITConvergence #IndustrialCybersecurity #SCADA #PLC #CriticalInfrastructure
--------
39:50
Pwnagotchi: The AI Pet That Hunts Your Network Credentials
What happens when you cross a Tamagotchi with a Wi-Fi hacking tool? You get the Pwnagotchi—a pocket-sized device that "feeds" on Wi-Fi handshakes and learns from its environment. In this episode, Jayden Troffler and Cameron Birkland join the crew to demonstrate how this deceptively cute device can passively capture encrypted Wi-Fi credentials from any network in range, autonomously gather handshakes, share intelligence with other Pwnagotchis, and operate completely under the radar from conference floors to airplane cabins in ways that might surprise you. Key Topics Covered: How the Pwnagotchi captures Wi-Fi handshakes through deauthentication attacks • Why WPA3 networks are immune (and why most networks still aren't using it) Building your own Pwnagotchi vs buying a Flipper Zero with Wi-Fi dev board • Real defense strategies beyond "just turn off your Wi-Fi" The legal gray areas of passive Wi-Fi monitoring Conference horror stories and the 600-handshake airplane incident Whether you're a security professional looking to understand emerging threats or someone curious about DIY hacking tools, this episode delivers practical insights you can use to protect your networks today. The Pwnagotchi proves that the most dangerous attacks often come in the most innocent packages. Don't let your organization become the next victim of passive Wi-Fi attacks. Like, share, and subscribe for more hands-on cybersecurity content that keeps you ahead of emerging threats! #Pwnagotchi #cybersecurity #wifihacking #ethicalhacking #infosec #flipper zero
--------
35:24
Pi-hole: The Open Source DNS Firewall Revolutionizing Network Security
Your network is talking behind your back—but Pi-hole is listening. Join The Audit as Pi-hole co-founders Dan Schaper and Adam Warner reveal how their open-source DNS sinkhole technology has become the secret weapon for over 200,000 privacy-conscious users worldwide. In this episode, we discuss: How Pi-hole evolved from a simple ad blocker to a critical network security tool Why DNS-level filtering stops threats before they reach any of your devices The performance benefits that make browsing noticeably faster Setting up Pi-hole on everything from Raspberry Pi to enterprise hardware How the global development team maintains this powerful security shield Protecting vulnerable IoT devices from malicious traffic The future roadmap for Pi-hole and opportunities to contribute Don't miss this deep dive into the technology that's reclaiming control of digital footprints one DNS request at a time. Connect with the Pi-hole community at discourse.pi-hole.net and discover why cybersecurity professionals consider this an essential defensive tool. Like, share, and subscribe for more cutting-edge cybersecurity insights and expert analysis! #pihole #DNSfiltering #networksecurity #adblocking #privacytools #cybersecurity #opensource #infosec
--------
39:50
Cybersecurity News: E-Z Pass Scam, Dead Internet Theory & $16.6B FBI Report
Join The Audit for a news-packed episode as cybersecurity expert Matt Starland recounts a chilling near-miss with an E-Z Pass phishing scam—received just minutes after renting a car in Florida. His close call highlights how scammers exploit timing and context to deceive even seasoned professionals. In this episode, we discuss: How a security pro nearly fell for a perfectly timed phishing text The FBI’s 2023 Internet Crime Report and its $16.6B warning Why nearly $5B in losses hit Americans over 60—and why many stay silent The psychological barriers victims face when reporting cybercrime The rise of the “Dead Internet Theory” and AI-generated online content How Meta and others are blurring the line between real and artificial Practical ways to spot AI-generated interactions Why maintaining human connection is key in the age of AI Don’t miss this timely conversation packed with real-world insights and strategies to help you stay secure in an increasingly digital (and artificial) world. Like, share, and subscribe for more cutting-edge cybersecurity stories and expert analysis. #infosec #cybersecurity #E-ZPass #phishing #FBI #deadinternet #meta
Brought to you by IT Audit Labs. Trusted cyber security experts and their guests discuss common security threats, threat actor techniques and other industry topics. IT Audit Labs provides organizations with the leverage of a network of partners and specialists suited for your needs.We are experts at assessing security risk and compliance, while providing administrative and technical controls to improve our clients’ data security. Our threat assessments find the soft spots before the bad guys do, identifying likelihood and impact, while our security control assessments rank the level of maturity relative to the size of the organization.
Listen to The Audit - Cybersecurity Podcast, All-In with Chamath, Jason, Sacks & Friedberg and many other podcasts from around the world with the radio.net app
South Africa