A $25 million wire transfer. A fake CFO. An entire executive team that didn't exist. This is what modern cybercrime looks like — and your firewall won't stop it.

In this episode of The Audit, co-hosts Joshua Schmidt, Eric Brown, and Nick Mellum sit down with James McDowell — forensic psychology expert, cybercrime researcher, and adjunct professor at American Military University — to explore the chilling intersection of AI, human psychology, and cybercrime. James introduces the concept of "cognitive surrender": the slow, dangerous transfer of our thinking to AI tools, and how threat actors are exploiting it at scale.

What You'll Learn:

• What "cognitive surrender" is and why it's cybercrime's greatest accelerant
• How a $25M deepfake scam bypassed every red flag a trained employee had
• The psychology behind System 1 vs. System 2 thinking — and why attackers time their strikes around your lunch break
• Why voice passwords and family code phrases are becoming critical security tools
• How FraudGPT and dark-web AI models are lowering the barrier for cybercriminals
• What James's wave theory reveals about how we trust — and how that trust gets exploited

📖 Guest: James McDowell Forensic psychologist, cybercrime researcher, and author of Forensic Psychology and the Human Side of Cybercrime. James teaches at American Military University and leads research at [Research Institute] focused on the psychology of cyber offenders and victims.

📚 Book available on Amazon and Routledge. Search: Forensic Psychology and the Human Side of Cybercrime

Don't wait until your organization is the next headline. IT leaders need to stay ahead of evolving threats, and this episode delivers the psychological intelligence to help protect your business. Like, share, and subscribe for more in-depth security discussions!

#cybersecurity #cybercrime #socialengineering #deepfake #AIthreats #infosec #phishing #cyberpsychology #ethicalhacking #CISO

What if the device keeping you alive was also a cybersecurity vulnerability? That's not a hypothetical — it's Victor Barge's reality.

In this episode of The Audit, IT Audit Labs' Global Delivery Director Victor Barge shares the story of his sudden cardiac event and the life-saving defibrillator now implanted in his chest and the eye-opening security questions that followed. Co-hosts Joshua Schmidt, Eric Brown, and Nick Mellum connect Victor's story to the real-world cyber risks organizations ignore every single day.

What you'll learn in this episode:

• How modern pacemakers and defibrillators transmit biometric data 24/7 — and what happens if that data is compromised
• Why the 2017 Abbott pacemaker recall of 500,000 devices is a warning the industry hasn't fully heeded
• The parallel between reactive healthcare and reactive cybersecurity — and why waiting costs you more
• Why billion-dollar organizations are still storing passwords in spreadsheets in 2026
• What continuous monitoring in IT security can learn from real-time cardiac telemetry

Whether you're a CISO, IT auditor, or just someone wearing a smartwatch, this episode will make you rethink what "sensitive data" really means.

What does it take to go undercover with international cybercriminals — with no backup, no safe house, and no script? In this episode of The Audit, Richard LaTulip, Field CISO at Recorded Future and former U.S. Secret Service agent, pulls back the curtain on three years of undercover operations spanning Thailand, Dubai, Macau, and China. From buying stolen credit card data in bulk to handing cheap government-issued laptops to disappointed hackers, Richard shares the raw, unfiltered reality Hollywood never shows you.

Co-hosts Joshua J Schmidt, Eric Brown, Nick Mellem, and Jen Lotze dig into the psychology of social engineering, the stark differences between nation-state and financially motivated threat actors, and why your employees are simultaneously your greatest asset and your biggest vulnerability. Richard breaks down how SolarWinds revealed the patience of nation-state operations, why cultural awareness is a cybersecurity weapon, and how organizations can shift security from a cost center to a value driver.

• 🔑 Key Topics Covered:
• Undercover operations against international cybercriminal networks — the reality vs. the Hollywood version
• Nation-state vs. financially motivated threat actors — how their goals fundamentally change defense strategy
• The ClickFix campaign and social engineering attacks targeting human psychology
• How Recorded Future delivers actionable, tailored threat intelligence vs. generic feeds
• Why tabletop exercises need HR, communications, and every department at the table • Cultural dimensions of cybersecurity — from Eastern European honeytraps near nuclear sites to password reuse psychology
• Turning your security team from a "cost center" into a trusted business ally
• Operation Carter Chaos — Richard's new book chronicling the untold human side of undercover cyber operations

📖 Richard's book Operation Carder Kaos is available now on Amazon.

🔔 Like, share, and subscribe for more in-depth cybersecurity conversations. Don't forget to leave a review — it helps us reach more security professionals like you.