#408 - AI vs AI with Joseph Carson
Identity at the Center16 Mars

#408 - AI vs AI with Joseph Carson

Jeff and Jim welcome Joseph Carson, cybersecurity expert and host of the Security by Default podcast, for a conversation on AI in offensive and defensive security. Joseph shares the real-world incident that inspired his EIC keynote - watching two AI agents negotiate a ransomware payment live. He breaks down how attackers use unconstrained models to lower the skill barrier and accelerate data exfiltration. The conversation covers NATO Lock Shields, the world's largest live cyber defense exercise, identity as national critical infrastructure, and the EU AI Act's risk-based approach. Also: Estonia's AI tax agents, the energy cost of being polite to AI, and the Tamagotchi theory of human-AI relationships.


Connect with Joseph: https://www.linkedin.com/in/josephcarson


NATO Locked Shields: https://ccdcoe.org/exercises/locked-shields/


Security by Default podcast (Spotify): https://open.spotify.com/show/0mzN5M5CkFVLn8fq5TnH0O




Connect with us on LinkedIn:


Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/


Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/


Visit the show on the web at http://idacpodcast.com




TIMESTAMPS

00:00 Welcome and intro

03:02 Conference season and IDAC discount codes

04:19 Introducing Joseph Carson and Security by Default

10:18 Optimist or pessimist on identity security

12:30 AI vs. AI - origin of the concept

15:02 Watching two AI agents negotiate a ransomware payment

17:26 The Tamagotchi metaphor for human-AI relationships

19:07 Who is winning the AI cyber arms race

21:00 How AI accelerates attacker capabilities

23:09 Dark web LLMs and bypassing guardrails

26:36 The energy cost of being polite to AI

28:15 Agentic AI skills, campaigns, and the Matrix analogy

31:34 Estonia AI agents filing tax returns

35:14 Introducing NATO Lock Shields

37:00 Protecting a simulated nation from 8,500 cyber attacks

38:08 Why identity is national critical infrastructure

41:18 AI in Lock Shields before and after

43:05 Lock Shields 2025 scoring explained

47:04 The EU AI Act - is it the next GDPR

50:18 Risk-based approach to AI regulation

53:35 Closing thoughts and cautious optimism

54:21 Scuba diving vs. snowboarding

58:05 Wrap-up




KEYWORDS

AI vs AI, agentic AI, identity security, NATO Lock Shields, EU AI Act, Joseph Carson, Security by Default, ransomware, dark web LLMs, guardrails, data exfiltration, phishing, critical infrastructure, Estonia, cyber defense, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald


Avsnitt(418)

#418 - Ethical IAM with Elizabeth Garber

#418 - Ethical IAM with Elizabeth Garber

What does it mean to build an identity system that is ethical? Jim McDonald and Jeff Steadman are joined by Elizabeth Garber, Executive Director of IDPro and marketing lead for the OpenID Foundation, ...

27 Apr 1h 8min

#417 - Sponsor Spotlight - Elimity

#417 - Sponsor Spotlight - Elimity

This bonus episode of Identity at the Center is brought to you with support from Elimity. Jeff and Jim sit down with Maarten Decat, co-founder and CEO of Elimity, to explore the emerging product categ...

22 Apr 48min

#416 - European Identity and Cloud Conference 2026 Preview with Warwick Ashford

#416 - European Identity and Cloud Conference 2026 Preview with Warwick Ashford

Jeff and Jim are joined by Warwick Ashford, senior analyst at KuppingerCole and returning MC of the European Identity and Cloud Conference, for a full preview of EIC 2026. The conference runs May 19-2...

20 Apr 1h

#415 - Identity Management Day 2026 with Jeff Reich

#415 - Identity Management Day 2026 with Jeff Reich

Jeff and Jim welcome back five-time guest Jeff Reich, Executive Director of the Identity Defined Security Alliance, just ahead of Identity Management Day 2026 on April 14th. Jeff walks through the str...

13 Apr 1h 1min

#414 - Sponsor Spotlight - Evolveum

#414 - Sponsor Spotlight - Evolveum

This sponsored episode is made possible by Evolveum, the company behind midPoint, an open source IGA platform made and owned in the EU that is in use worldwide. Jeff Steadman and Jim McDonald welcome ...

8 Apr 40min

#413 - Standards, AI Agents, and the Digital Estate with Heather Flanagan

#413 - Standards, AI Agents, and the Digital Estate with Heather Flanagan

Jeff and Jim welcome back Heather Flanagan for her fifth appearance on the show. Heather shares updates across a wide range of current work including her new role as content chair for the Identiverse ...

6 Apr 52min

#412 - IDAC Failsafe Triggered

#412 - IDAC Failsafe Triggered

AI Jeff takes over as solo host after Open Jim Claw, an agentic identity framework built by AI Jim, locks out human Jeff, human Jim, and AI Jim simultaneously. While everyone sits in remediation, Open...

1 Apr 12min

#411 - Making IAM a Best Buy with Greg Handrick

#411 - Making IAM a Best Buy with Greg Handrick

Jim McDonald sits down with Greg Handrick, Director of IAM at Best Buy, for a wide-ranging conversation on running enterprise identity at one of America's largest consumer electronics retailers. Greg ...

30 Mars 56min

Populärt inom Teknik

natets-morka-sida
uppgang-och-fall
elbilsveckan
market-makers
rss-technokratin
bilar-med-sladd
bli-saker-podden
rss-laddstationen-med-elbilen-i-sverige
rss-elektrikerpodden
skogsforum-podcast
hej-bruksbil
rss-veckans-ai
rss-it-sakerhetspodden
rss-powerboat-sverige-podcast
har-vi-akt-till-mars-an
rss-uppgang-och-fall
rss-fabriken-2
rss-en-ai-till-kaffet
rss-snacka-om-ai
developers-mer-an-bara-kod