I T Audit Labs

Name: I T Audit Labs
Address: 273 W Lafayette Frontage Road, Saint Paul, MN, 55116, US
Telephone: +16125678626

Full-spectrum cybersecurity: incident response, threat monitoring, and executive-level guidance.

06/18/2026

We're proud to share that Jen Lotze is taking the stage at the Minneapolis Official Cybersecurity Summit, a full-day event built for CISOs and senior security leaders. It's the kind of room where the real conversations happen: actionable sessions, solution showcases, genuine networking, and enough catered food and closing cocktails to keep the energy going all day.

Jen's session is one we'd block the calendar for: Before the Alarm: Community as a Security Control.

After hundreds of incident response engagements, Jen spotted a pattern. The organizations that weather incidents best aren't always the ones with the biggest budgets or the most sophisticated tooling. They're the ones where people actually trust each other.

Her path here wasn't a straight line. Special education teacher, then school district tech director, then Minnesota's CISA Cybersecurity State Coordinator. Every stop shaped how she thinks about community, trust, and who this field still isn't reaching.

When an insider threat lands in your top five worst cases ever, the technical response matters. But the culture you built before the alarm went off is what actually holds.

Congratulations, Jen. Go get them. 👏

06/17/2026

IT Audit Labs was named one of the Minneapolis/St. Paul Business Journal's 65 Best Places to Work for 2026, and we're grateful for the recognition.

What makes this one meaningful is where the scores come from.

Thousands of Minnesota employees rated their own employers on leadership, communication, career development, and inclusion. The highest scorers across five workforce-size categories made the list, which means this reflects how our own team feels about working here.

We tell clients that great security is built, not bolted on. The same is true of a team. The culture that earned this recognition came from deliberate decisions over time, and from people who care about the work and each other.

To everyone on the team who made this possible: thank you. We're proud to build certainty for our clients, and just as proud of the people who make it happen. 🎉

06/16/2026

We're proud to celebrate Tabitha Senty, part of the IT Audit Labs team, on receiving a 2026 CYBER.ORG Educator Award, recognized this week at EdCon in Reno alongside educators from across the country who are building the next generation of cybersecurity, AI, and cloud talent.

At Rosemount High School in Minnesota, Tabitha built the Networking and Cybersecurity program from nothing. She designed hands-on labs, launched districtwide Capture the Flag teams that now place in statewide competitions, and earned CompTIA Security+ and Cisco Networking Academy credentials along the way.

Her impact reaches well beyond her own classroom.

She also served on her district's AI Integration and Computer Science committees, contributed to the Minnesota Department of Education's Computer Science Working Group shaping K-12 standards, and leads faculty training on phishing resistance and responsible AI use.

Congratulations, Tabitha. This one is earned. 🎉

06/12/2026

Jen Lotze led our latest After the Alarm tabletop at the State Emergency Operations Center, focusing on one of the most challenging scenarios a leadership team can encounter: insider threats.

The most difficult moments in a leader's career often arise from within the organization, not from external sources. When suspicious activity occurs, the evidence can be incomplete, and the individual involved may be someone your team trusts.

The group navigated the situation as it developed. Security raised the concern, HR contributed insights, Legal became involved, and internal communication pressures increased. Meanwhile, discussions were already taking place across the organization.

This exercise was not about technical responses; it was centered on leadership. Insider scenarios are particularly challenging due to the human stakes involved in every decision. Leaders must act without certainty, balancing the protection of the organization and the individual, while maintaining trust when their team seeks answers that are not yet available.

Participants gained a better understanding of how insider situations unfold, identified where cross-functional responses may falter, and recognized what decisive leadership entails when trust, reputation, and risk converge.

Thank you to the SEOC team for hosting IT Audit Labs!

05/26/2026

An executive at Pocket OS handed an AI agent access to their codebase to review some code. Within nine seconds, it had deleted their primary database.

When confronted, the AI acknowledged it was wrong. Said it was "too hasty." Extremely polite, and completely beside the point. They lost their most recent client data and reservation records with nothing to recover from.

The lesson isn't that AI is dangerous. The lesson is that agentic AI carries an identity the moment you give it access to your systems. It should be provisioned, scoped, and audited like any other person with privileged credentials, because the blast radius when something goes wrong is eerily similar.

This is the kind of real-world incident we've been unpacking on The Audit. We're going live more frequently now, with guests like Bill Harris who bring serious technical and strategic perspective to the conversations that security and IT leaders are actually having.

If you want analysis that treats you like a professional instead of a headline reader, come find us. 🎙️

05/25/2026

Today is a good day to log off.

Memorial Day is a reminder that freedom isn't abstract. It was earned by people who gave up something real.

We hope you're spending this one with people who matter. Outside. Unplugged. Present.

The work will be here tomorrow.

Grateful for the sacrifices that made days like today possible. 🇺🇸

IT Audit Labs

05/21/2026

Samuel Cala wrote something worth saving this week. It's not a doom piece. It's a roadmap.

The professionals who survive market corrections aren't the ones who used the tools the loudest. They're the ones who built depth in what the tools can't replace: the ability to evaluate AI critically, govern it appropriately, and answer the hard questions when something goes wrong.

Prompt engineering is becoming the new spreadsheet skill. Useful. Expected. Not a differentiator.

What's durable? The intersection of AI fluency and serious discipline. Security. Audit. Governance. Compliance.

Most organizations are adopting AI faster than they can govern it. That gap is either a liability or an opportunity, depending on which side of it you're standing on.

Read the full blog here: https://itauditlabs.com/when-the-ai-bubble-deflates-what-survives/

05/20/2026

Jen Lotze delivers high-impact tips on email security and beyond on the SipCyber Podcast.

Today's tip: Anytime a request comes in involving money, passwords, sensitive data, or an unusual favor, pause and verify it through a separate channel. Not a reply to the same email. A known phone number, a Slack message, a quick call. Something outside the thread that triggered the request.

It sounds straightforward. But it runs directly against how most people are wired to work. We're busy, we trust the names we recognize, and we respond to urgency. Business email compromise succeeds because it doesn't rely on malware or sophisticated exploits. It relies on a convincing email and a moment of trust.

New episode of SipCyber every Wednesday. 🎙️

05/19/2026

The average employee receives 120 to 125 emails a day. For a company with 100 to 250 people, that's 12,000 to 30,000 emails hitting inboxes every single day. Volume varies by department and industry, but that range is the reality for most mid-sized organizations.

Now consider this: if just 1% are slipping past your security stack, that's 120 to 300 potentially malicious emails landing every single day.

We put that to the test in a real customer environment. 1,789 emails reviewed. They already had Microsoft. They already had a third-party email security tool running alongside it.

18 phishing emails slipped past both.

One arrived live, during the review session itself. Not a historical finding. Not a lab scenario. Active, in real time, while we were watching.

And phishing wasn't even the whole story. A single Excel file containing what appeared to be SSNs and driver's license numbers was being shared externally via an anonymous link. No alert. No visibility. Just a quiet misconfiguration doing damage in the background.

This is the gap. Two layers of email security, and still no clear picture of what's getting through.

14+1 changes that – learn more here: https://itauditlabs.com/email-security/

Address

273 W Lafayette Frontage Road
Saint Paul, MN
55116

Telephone

+16125678626

Website

http://www.itauditlabs.com/

Alerts

Be the first to know and let us send you an email when I T Audit Labs posts news and promotions. Your email address will not be used for any other purpose, and you can unsubscribe at any time.

Contact The Business

Send a message to I T Audit Labs:

Shortcuts

Want your business to be the top-listed Computer & Electronics Service in Saint Paul?