The Audit

How exposed are your 3D printing operations to cyber threats? Is the intellectual property involved in 3D printing at risk, and can 3D printers themselves become targets for hackers?  
 
As 3D printing technology becomes more integrated into various industries, its cybersecurity implications cannot be ignored. This episode sheds light on the exciting world of 3D printing, focusing on its potential for innovation while addressing the significant cybersecurity challenges it faces. 

We'll explore: 

• The basics of 3D printing technology and its cybersecurity implications. 

• Protecting intellectual property in the realm of 3D printing. 

• The vulnerabilities of 3D printers to hacking and how to safeguard them. 

• Strategies for securing 3D printing operations against cyber threats. 

• Real-world examples of cybersecurity breaches in 3D printing. 

Whether you're a cybersecurity professional, a 3D printing enthusiast, or someone interested in the intersection of technology and security, this episode offers valuable insights into protecting your 3D printing projects.   

How secure is a VPN, really? Can a VPN server be hacked, and are these services truly safe? In this episode of The Audit, Joshua, Nick, and Eric tackle these pressing questions head-on.  

As the cybersecurity landscape evolves, Virtual Private Networks (VPNs) are increasingly common among cybersecurity professionals and enthusiasts alike... but how secure are they? In this episode, we take you through the mechanics of VPNs, their role in safeguarding your data, and the vulnerabilities that can expose users to risk.  

We'll cover: 

•  What are VPNs and how do they work? 

•  How to choose the right VPN provider: Considerations and pitfalls. 

•  The difference between corporate and personal VPN use and their unique challenges. 

•  How to mitigate risks associated with VPN usage. 

•  The recent Ivanti VPN breach 

If you care about your digital privacy, curious about how VPNs fit into your life, or pondering the real benefits and risks of using VPN services, then this episode is for you. 

It should come as no surprise that building a team can be challenging for cybersecurity professionals. However, we've found that individuals who have served in the military often possess a unique focus and drive, setting them apart in the cyber world. 

Clifton Robinson, a former Army logistician and healthcare market analyst, joins our team to discuss his journey to becoming a cybersecurity professional.  

Topics covered: 

• How military service helps individuals transition into cybersecurity 
• Why employers appreciate military service in cybersecurity candidates 
• Why are veterans drawn to the field of cybersecurity? 
• How joining the military changed Clifton’s life 
• The importance of mentorship and networking for veterans 

If you're a veteran considering a career in cybersecurity or seeking a fresh perspective on the cybersecurity industry, don't miss the latest episode of The Audit! 

Is your digital footprint secure? In our latest episode we unravel the complexities of email and mobile security. Join Dean Morstad, a seasoned cybersecurity expert, as he shares invaluable insights and practical tips to enhance your digital safety. 

The conversation includes: 

- Why and how are most of us viewed as a “product”?  
- Practical email security tips and best practices 
- How to avoid phishing scams and other social engineering strategies 
- Mobile device and location tracking insights 
- Organizational security policy tips  
- Why use a password manager 

This episode offers more than just insights; it's a chance to meet the minds who have been combatting cyber threats for decades. We explore topics like ransomware, effective data breach responses, and the integration of AI in cybersecurity. Discover strategies and insights from industry leaders and learn how to fortify your digital defenses in an ever-evolving cyber landscape. 

Topics Covered: 

• How to navigate a ransomware attack 
• Data breach response methods 
• Cyber insurance challenges 
• AI, cybersecurity, and the legal considerations 
• Social engineering audits 

Gain valuable insights into current trends and practical approaches to enhance your organization's security posture. Be sure to subscribe today! 

In this episode of The Audit, Leah McLean shares her insights from over 10 years in cybersecurity and IT with companies like Cisco, and now Mastercard.  

We’ll cover: 

• How to get a job in cybersecurity 
• Navigating the ethical challenges of AI in Cybersecurity 
• Work-life balance in cybersecurity jobs 
• Perspectives on success for cybersecurity leadership 
• Emerging infosec technologies 
• Mental health for infosec professionals  

We navigate the shifting terrain of cybersecurity talent acquisition, stressing the need for aptitude and ongoing education. Leah delves into AI's role and ethical dilemmas in cybersecurity, provides tips for balancing work and life in remote contexts, and examines upcoming cybersecurity technologies. The discussion also highlights veterans' vital roles in cybersecurity, underscores the importance of mental health in stressful settings, and gives a sneak peek into future 'Elevate Exchange' podcast episodes on topics like AI and quantum computing. 

The Audit - Episode 30 - Join us as we speak with cybersecurity expert and hacking hardware enthusiast Cameron Birkland, who introduces us to the world of the Flipper Zero. 

The brainchild of a successful Kickstarter campaign in 2020, the Flipper Zero might look cute with its dolphin avatar, but it's a potent tool capable of manipulating control systems like RFID and NFC tags, radio remotes, and digital access keys. 

What would you do if your garage door opener could be hacked? Cameron walks us through how this is possible with his own garage door opener. 

Don’t forget, if you prefer video, check out every episode of The Audit on our YouTube channel. 

The Audit - Episode 29 - Ready to uncover the world of crypto? Join us in our latest episode as we dive into the realm of cryptocurrency with Matt Starland. Let's embark on a journey from the origins of Bitcoin to the frenzy of meme stocks making headlines. Tune in to understand how cryptocurrency is shaking the foundation of economies with unstable governments, and how secure, hardware-based crypto wallets can be your ultimate safe vault.

We didn't stop at Bitcoin. Matt Starland, our resident crypto expert, took us on a ride through the volatile landscape of cryptocurrency trading, tackling the challenges of its mainstream adoption and the potential risks. Discover how to set up a hardware wallet and get an inside scoop on the cryptographic algorithms that are its backbone and the all-important recovery seed. By the end of this, you'll be well-versed in the nitty-gritty details of crypto trading and equipped to safeguard your digital assets.

In the final leg of our crypto exploration, we help you navigate the process of setting up a new cryptocurrency wallet, emphasizing the significance of secure offline backup and tightening the security measures. We shed light on the workings of a Bitcoin wallet, the associated fees, and how to maximize its security. Then, we take you through the features of hardware wallets, the processes of buying and selling from a wallet, and the risks of leaving money on an exchange. So sit back, tune in and prepare for a deep dive into the thrilling world of cryptocurrency!

The Audit - Episode 28 - We are pleased to introduce you to Andre Champagne, an expert in the intriguing world of cyber and digital forensics. Andre’s journey, from the Anoka County Sheriff's Office, through the Illinois Attorney General's Office, to the state of Minnesota, provides fascinating insights into a career in stopping cyber-crime.  

Andre also recounts his time managing a digital forensics laboratory, shedding light on the intricate balance between risk and technology in the digital landscape. He shares stories about investigating arson cases, using phone evidence to reveal the diversity of online predators. His anecdotes provide a sobering perspective on the challenges and rewards of a career in cyber forensics.  
 
Finally, Andre breaks down the reality of the cyber security field beyond what you see in TV and film. His experiences range from putting together reports for the courtroom, dealing with data breaches and ransomware, to handling HR investigations. The conversation takes a darker tone as we address the chilling reality of online predators while Andre provides valuable advice on ways to keep children safe online.

The Audit - Episode 27 - Imagine managing over a million orders per minute during a high-stakes sales event like Black Friday! That's the reality Jeff White from Cockroach faced during his time at Best Buy. We sit down with him in a lively discussion, unpacking the intricacies of running a successful online store, the immense pressure involved, and strategies to guard against malicious acts and bots. Jeff enlightens us about the challenges of scaling an Oracle database to handle a mass influx of orders, sharing insightful anecdotes from his own experience.

Ever wondered how to improve your security posture and reduce organizational risk? Jeff is here to share some answers from a tech perspective. He delves into the unique features of Cockroach DB, a system he played a vital role in developing. Learn how it’s designed to run on various operating systems and its resilience to node failure. Jeff also sheds light on distributed data replication, an intriguing aspect of Cockroach DB. If you're a tech enthusiast or involved in e-commerce, this episode is packed with valuable nuggets of information to take your knowledge several notches higher.

As we wrap up our conversation, we navigate towards Jeff's interest in renewable energy. We delve into his journey with solar power and electric vehicles, outlining the financial benefits of such investments. He shares his solar installation experience and future plans. We also touch on the critical role of a robust team in conducting successful security assessments. Lastly, we consider a new venue for our game night, since our usual spot isn't available. Tune in for this enlightening episode full of expert insights and real-world experiences.

The Audit - Episode 26 - Ready to decode the future of data storage technology? We guarantee that you'll be fascinated by our in-depth exploration into this rapidly evolving landscape. Together with our esteemed guest, Bill Harris, we probe into the intricacies of current storage mediums, such as hard disk drives, flash drives, and magnetic tapes, while also introducing you to emerging technologies like 5D, DNA, and molecular memory. 

How are companies managing their data storage amidst ever-shrinking IT budgets? How are advancements like heat-assisted magnetic recording and microwave magnetic recording redefining hard drive technology? Brace yourself, as we take you on a journey to decipher these challenges and discoveries, along with Harris, a pioneer in the field. The conversation gets even more exciting as we delve into futuristic concepts like holographic and DNA storage, both promising yet fraught with challenges worth discussing. 

But we don't stop there. As we dig deeper into the impact of increasing storage capacities, it's evident that a revolution in the way we use and perceive data is imminent. From holographic and 5D crystal storage to DNA storage, we ponder the implications and potential of these advancements on the future of technology. Tune in, let's explore this fascinating world of storage technology together!

In Part 2 of the Tech Lessons Series by Bill Harris, get ready to unravel the mystery of quantum computing? Brace yourselves as we, your hosts, and our esteemed guest, Bill Harris, take you on a whirlwind tour of this fascinating technology that's set to redefine the future. Possessing the potential to disrupt major industries and even cryptography, quantum computing is a topic you certainly can't afford to miss. 

Imagine a computer that can process information at superluminal speeds. That's the magic of quantum computing! From its application in fields as diverse as healthcare and AI to the challenges it poses, we've got it all covered in this episode. But it doesn't stop there. We discuss the potential threat quantum computers pose to current encryption technologies and the prodigious task of developing quantum-safe encryption techniques. 

Finally, we examine the present landscape of quantum computing, key players in the field, and IBM's quantum roadmap. Are you curious about how a linguist might relate to all this tech talk? Listen in as Alan, an IT professional, ties it all together with his son's choice of major. We wrap up with a hilarious segment discussing our favorite physicists and resources, where you may just find your next good read! Get ready for a deep dive into a future shaped by quantum computing!

The Audit - Episode 24

In Part 1 of the Tech Lessons Series by Bill Harris, prepare to be transported into the future of computing resources, with our fascinating guest, Bill Harris from IT Audit Labs. We're opening up the world of processor design and specialized workloads, discussing the intricacies of chip fabrication, the genius behind improving processor speeds, and the art of creating modern processors. Get ready to discover a realm of substrates, lithographies, and elements that form the backbone of future processors.

Ever wondered about the application of Moore's Law in real life, or what really behind processor clock speeds? This episode answers all that and more, bringing in exciting insights into the clever tactics used to amplify modern computation. Dive into the mechanics of how assembly is utilized to build processors and learn about the advanced technologies such as 3D NAND, chiplets, and SSL acceleration that are revolutionizing the field.

As we look forward to the future of computing and the exciting investment opportunities it presents, we delve into the potential of semiconductors, the massive CERN particle collider and the intricate challenges of breaking into the semiconductor industry. Don't miss out on our spirited conversation on the potential of DNA and crystalline molecular storage, and the role of quantum computing in enhancing processor speeds. And remember, amidst all this tech talk, the importance of security, risk and compliance controls to safeguard our clients’ data remains paramount. So, buckle up and come along on this exhilarating journey into the future of computing!

Wouldn't it be great if you could navigate the treacherous landscape of software vulnerabilities like a pro? That's exactly what we're serving up in our latest podcast episode. Together with our dedicated team, we dissect the upsurge of these vulnerabilities, the recent discovery of a toolkit targeting Apple, Mac OS, and stolen chat GPT credentials. We even do a deep dive into the complex CVE system. Our insightful discussion sheds light on how these vulnerabilities have grown over time, largely due to the evolution of software development.

Are you constantly second-guessing whether to update your software due to the fear of breaking things? You're far from alone. Hang out with us as we share our personal anecdotes dealing with software updates, security patches and the puzzling catch-22 situation that arises. In an alarming revelation, we also walk you through the recent compromise of over 101,000 OpenAI chat GPT account credentials. If you’re a user, this is an episode you can't afford to miss. 

Imagine living in a world where data breaches are the new golden age. That's the reality we're grappling with, and there's no denying the risks associated with storing data on an internet-connected database. From discussing malicious targeted ad campaigns to delving into the dangers of certain browsers, this episode is a rollercoaster of cybersecurity insight. We round off by examining how data breaches have shaped cybersecurity history. Tune in and arm yourself with the knowledge to combat the rapidly evolving world of software vulnerabilities and cybersecurity.

The Audit - Episode 22

Want to understand the dark underbelly of cyberspace? Join us as we take a deep dive into recent data breaches at T-Mobile, discussing why fewer customers were impacted this time around compared to the January API attack. Get insights on how negligence in security could lead to government oversight and understand the power consumers can wield by voting with their feet. Learn how the fines collected from such breaches could fund cybersecurity improvements in vulnerable entities such as school districts.

Curious about the consequences of data breaches? We shed light on the implications of the cover-up by Uber's former CSO, who narrowly escaped jail time, and the devastating impact of the Next Gen Healthcare breach affecting a million individuals. We also explore the rise of bug bounties as a popular tool among companies and stress the importance of credibility in the realm of ethical hacking. 

Ever wondered about the value of your personal information to hackers? We break down how hackers can misuse social security numbers, addresses, and names, and discuss the increasingly specialized roles within a cyber attack. Discover the sinister world of data brokers, who split and resell your personal information, and the challenges of resetting social security numbers. We also delve into how medical records can be weaponized and highlight the need for cybersecurity audits to safeguard data. 

Listen in, as we offer a compelling analysis of the attacker's viewpoint, the significance of logging activities, and why some attackers end up dwelling within systems for long periods. We also discuss the security maturity needed to protect a company from future breaches once they've been hit. If you're at all concerned about the safety of your personal data, you won't want to miss this deep dive into the murky world of data breaches and cybersecurity.

For this episdoe we are joined by Eric Pesik, the Deputy General Counsel at Seagate Technology. Eric, walks us through how he has been using generative AI tools, including ChatGPT, AI image generators and AI voice overs to speed up his workflow when creating presentations for his colleagues. The crew also discusses how AI will broadly impact other sectors.  

A conversation between Nick Mellem, Eric Palms, and Matt Starland about the future of passwords through the lens of IT. The team notes a general lag time behind current threats and the technology already available to upgrade security protocols and the lack of large-scale adoption and upgrades. Passwords may eventually have to be left behind for new technologies such as biometrics. It is largely agreed that there needs to be a change to a password-less approach to mitigate end-user security risks. Join us for this stimulating and timely discussion. Help us spread this important info by liking, downloading, subscribing and inviting your friends to listen to The Audit. Video version now available on our YouTube channel.

A discussion with ITAL members Eric Brown and Scott Rysdahl with Micah Kryzer. Micah is a pentester by day but also works alongside the ITAL team. In this episode the crew overviews certificates, a big topic that transcends any one vendor or environment. Certificates are like an electronic passport meant to uniquely identify a person, computer or application on a network. This specific family of vulnerabilities discussed affects the Microsoft Active Directory certificate services, which is Microsoft’s own built-in PKI or public key infrastructure included with Window’s servers and domains. Micah walks us through a pentest demo illustrating the ways this system can be exploited as well as providing tips on how to protect business networks from this attack. 

An in-depth conversation with former CISO (Chief Information Security Officer) of the Minnesota Judicial and Metropolitan Council, Gretchen White. ITAL’s own Eric Brown and Gretchen discuss topics including the day-to-day grind of advocating for funding and implementing security protocols, how to prioritize security needs and access risk on a budget, reporting structure, and how to effectively impact change within an organization. Chalk full of tips, Gretchen, has expertise in communicating organizational needs to decision makers and has some priceless nuggets to share with up-and-coming CISO’s and those who work under their guidance.  

#cybersecurity #CISO #chiefinformationsecurityofficer #careeradvice #organizational #leadership #communication #security #influence #metropolitancouncil #minnesotajudicial #pointofrisk 

This week, we are speaking with Dennis Pelton about his expertise in hardware. He makes badges for all the major security conferences and loves to share his knowledge in this space. #security #hacking #wifi #rubberducky #hardware #defcon #schmoo #defcon #bsides