#408 - AI vs AI with Joseph Carson
Identity at the Center16 Mar

#408 - AI vs AI with Joseph Carson

Jeff and Jim welcome Joseph Carson, cybersecurity expert and host of the Security by Default podcast, for a conversation on AI in offensive and defensive security. Joseph shares the real-world incident that inspired his EIC keynote - watching two AI agents negotiate a ransomware payment live. He breaks down how attackers use unconstrained models to lower the skill barrier and accelerate data exfiltration. The conversation covers NATO Lock Shields, the world's largest live cyber defense exercise, identity as national critical infrastructure, and the EU AI Act's risk-based approach. Also: Estonia's AI tax agents, the energy cost of being polite to AI, and the Tamagotchi theory of human-AI relationships.


Connect with Joseph: https://www.linkedin.com/in/josephcarson


NATO Locked Shields: https://ccdcoe.org/exercises/locked-shields/


Security by Default podcast (Spotify): https://open.spotify.com/show/0mzN5M5CkFVLn8fq5TnH0O




Connect with us on LinkedIn:


Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/


Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/


Visit the show on the web at http://idacpodcast.com




TIMESTAMPS

00:00 Welcome and intro

03:02 Conference season and IDAC discount codes

04:19 Introducing Joseph Carson and Security by Default

10:18 Optimist or pessimist on identity security

12:30 AI vs. AI - origin of the concept

15:02 Watching two AI agents negotiate a ransomware payment

17:26 The Tamagotchi metaphor for human-AI relationships

19:07 Who is winning the AI cyber arms race

21:00 How AI accelerates attacker capabilities

23:09 Dark web LLMs and bypassing guardrails

26:36 The energy cost of being polite to AI

28:15 Agentic AI skills, campaigns, and the Matrix analogy

31:34 Estonia AI agents filing tax returns

35:14 Introducing NATO Lock Shields

37:00 Protecting a simulated nation from 8,500 cyber attacks

38:08 Why identity is national critical infrastructure

41:18 AI in Lock Shields before and after

43:05 Lock Shields 2025 scoring explained

47:04 The EU AI Act - is it the next GDPR

50:18 Risk-based approach to AI regulation

53:35 Closing thoughts and cautious optimism

54:21 Scuba diving vs. snowboarding

58:05 Wrap-up




KEYWORDS

AI vs AI, agentic AI, identity security, NATO Lock Shields, EU AI Act, Joseph Carson, Security by Default, ransomware, dark web LLMs, guardrails, data exfiltration, phishing, critical infrastructure, Estonia, cyber defense, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald


Denne episoden er hentet fra en åpen RSS-feed og er ikke publisert av Podme. Den kan derfor inneholde annonser.

Episoder(430)

#430 - AI for IAM and IAM for AI with Martin Sandren

#430 - AI for IAM and IAM for AI with Martin Sandren

Recorded live at EIC 2026 in Berlin, Jeff and Jim sit down with Martin Sandren, IAM Product Lead at IKEA, for a wide-ranging conversation covering nearly every corner of modern identity security. Mart...

22 Jun 59min

#429 - Sponsor Spotlight - SailPoint

#429 - Sponsor Spotlight - SailPoint

This episode is presented courtesy of SailPoint. Rob Sebaugh, Senior Identity Strategist at SailPoint, joins Jeff and Jim for a wide-ranging conversation on the past, present, and future of identity g...

17 Jun 1h 7min

#428 - Modernizing IGA with Thomas Zarnhofer

#428 - Modernizing IGA with Thomas Zarnhofer

Recorded live at EIC 2026 in Berlin, Jeff and Jim sit down with Thomas Zarnhofer, IAM Architect at a major retail company in central Europe. Thomas shares his experience leading a full IGA transformat...

15 Jun 42min

#427 - Identiverse 2026 Preview with Heather Flanagan and Andi Hindle

#427 - Identiverse 2026 Preview with Heather Flanagan and Andi Hindle

Jeff and Jim are joined by Heather Flanagan, Content Chair, and Andi Hindle, Conference Chair, for a full preview of Identiverse 2026 at Mandalay Bay in Las Vegas. They cover the 2026 theme of trust a...

8 Jun 1h 13min

#426 - Sponsor Spotlight - Crowdstrike

#426 - Sponsor Spotlight - Crowdstrike

This episode and the Identity at the Center podcast is supported by CrowdStrike. Learn more at crowdstrike.com.Jeff Steadman and Jim McDonald sit down with Scott Kriz, GM of Continuous Identity at Cro...

3 Jun 1h 2min

#425 - EIC 2026 Recap & IdentiBeer Berlin

#425 - EIC 2026 Recap & IdentiBeer Berlin

Jeff and Jim recap their week at KuppingerCole's EIC 2026 in Berlin, covering standout keynotes, hallway conversations, and sessions on securing AI agents, CIAM, and AI versus nuclear regulation. They...

1 Jun 46min

#424 - IDAC Mailbag for May 2026

#424 - IDAC Mailbag for May 2026

Jeff and Jim are back with the May 2026 mailbag, answering listener questions from Amsterdam, Mumbai, Austin, and Berlin. Topics include navigating IAM vendor acquisitions, defending against AI deepfa...

25 Mai 1h 11min

#423 - The Middle Market Identity Security Gap with Robert Snodgrass

#423 - The Middle Market Identity Security Gap with Robert Snodgrass

Jeff and Jim welcome back Robert Snodgrass, Principal at RSM, for a deep dive into the RSM Middle Market Business Index cybersecurity report. The conversation covers the confidence gap facing middle m...

18 Mai 1h 1min

Populært innen Teknologi

lydartikler-fra-aftenposten
romkapsel
teknisk-sett
tomprat-med-gunnar-tjomlid
smart-forklart
teknologi-og-mennesker
elektropodden
energi-og-klima
shifter
hans-petter-og-co
nasjonal-sikkerhetsmyndighet-nsm
pedagogisk-intelligens
rss-var-alt-bedre-for
rss-alt-som-gar-pa-strom
rss-nkom-innsikt
fornybaren
rss-polypod
rss-digitaliseringspadden
rss-ai-forklart
i-loopen