Become a Creator today!Start creating today - Share your story with the world!
Start for free
00:00:00
00:00:01
Play next
#408 - AI vs AI with Joseph Carson image

#408 - AI vs AI with Joseph Carson

E408 · Identity at the Center
Avatar
0 Plays21 minutes ago

Jeff and Jim welcome Joseph Carson, cybersecurity expert and host of the Security by Default podcast, for a conversation on AI in offensive and defensive security. Joseph shares the real-world incident that inspired his EIC keynote - watching two AI agents negotiate a ransomware payment live. He breaks down how attackers use unconstrained models to lower the skill barrier and accelerate data exfiltration. The conversation covers NATO Lock Shields, the world's largest live cyber defense exercise, identity as national critical infrastructure, and the EU AI Act's risk-based approach. Also: Estonia's AI tax agents, the energy cost of being polite to AI, and the Tamagotchi theory of human-AI relationships.


Connect with Joseph: https://www.linkedin.com/in/josephcarson


NATO Locked Shields: https://ccdcoe.org/exercises/locked-shields/


Security by Default podcast (Spotify): https://open.spotify.com/show/0mzN5M5CkFVLn8fq5TnH0O




Connect with us on LinkedIn:


Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/


Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/


Visit the show on the web at http://idacpodcast.com




TIMESTAMPS

00:00 Welcome and intro

03:02 Conference season and IDAC discount codes

04:19 Introducing Joseph Carson and Security by Default

10:18 Optimist or pessimist on identity security

12:30 AI vs. AI - origin of the concept

15:02 Watching two AI agents negotiate a ransomware payment

17:26 The Tamagotchi metaphor for human-AI relationships

19:07 Who is winning the AI cyber arms race

21:00 How AI accelerates attacker capabilities

23:09 Dark web LLMs and bypassing guardrails

26:36 The energy cost of being polite to AI

28:15 Agentic AI skills, campaigns, and the Matrix analogy

31:34 Estonia AI agents filing tax returns

35:14 Introducing NATO Lock Shields

37:00 Protecting a simulated nation from 8,500 cyber attacks

38:08 Why identity is national critical infrastructure

41:18 AI in Lock Shields before and after

43:05 Lock Shields 2025 scoring explained

47:04 The EU AI Act - is it the next GDPR

50:18 Risk-based approach to AI regulation

53:35 Closing thoughts and cautious optimism

54:21 Scuba diving vs. snowboarding

58:05 Wrap-up




KEYWORDS

AI vs AI, agentic AI, identity security, NATO Lock Shields, EU AI Act, Joseph Carson, Security by Default, ransomware, dark web LLMs, guardrails, data exfiltration, phishing, critical infrastructure, Estonia, cyber defense, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald


Recommended
#407 - Sponsor Spotlight - Rubrik image
#407 - Sponsor Spotlight - Rubrik
E407 · Identity at the Center
00:54:42·5 days ago
#406 - IDAC MailBag for February 2026 image
#406 - IDAC MailBag for February 2026
E406 · Identity at the Center
01:04:22·7 days ago
#405 - RSM 2026 Attack Vectors Report image
#405 - RSM 2026 Attack Vectors Report
E405 · Identity at the Center
01:11:24·13 days ago
#404 - Sponsor Spotlight - Bravura Security image
#404 - Sponsor Spotlight - Bravura Security
E404 · Identity at the Center
00:55:02·18 days ago
#403 - Strategic Identity Security with Simon Moffatt image
#403 - Strategic Identity Security with Simon Moffatt
E403 · Identity at the Center
01:04:07·20 days ago
#402 - An Update on SSF and CAEP with Atul Tulshibagwale image
#402 - An Update on SSF and CAEP with Atul Tulshibagwale
E402 · Identity at the Center
01:01:56·27 days ago
#401 - Sponsor Spotlight - PlainID image
#401 - Sponsor Spotlight - PlainID
E401 · Identity at the Center
00:52:11·1 month ago
#400 - Celebrating 400 episodes of IDAC image
#400 - Celebrating 400 episodes of IDAC
E400 · Identity at the Center
01:11:39·1 month ago
#399 - Navigating Identity Security in the Age of AI with Jeff Margolies image
#399 - Navigating Identity Security in the Age of AI with Jeff Margolies
E399 · Identity at the Center
00:56:55·1 month ago
#398 - Solving the AI Identity Challenge with Martin Kuppinger image
#398 - Solving the AI Identity Challenge with Martin Kuppinger
E398 · Identity at the Center
00:55:33·1 month ago
#397 - RSM & IDAC Present - The Intersection of Resiliency, Recovery, and IAM image
#397 - RSM & IDAC Present - The Intersection of Resiliency, Recovery, and IAM
E397 · Identity at the Center
00:50:07·1 month ago
#396 - Gartner IAM Summit - Majority Rules image
#396 - Gartner IAM Summit - Majority Rules
E396 · Identity at the Center
00:31:22·1 month ago
#395 - Sponsor Spotlight - Redblock image
#395 - Sponsor Spotlight - Redblock
E395 · Identity at the Center
00:55:09·2 months ago
#394 - How Digital ID Can Solve the Fraud Crisis with Sarah Clark image
#394 - How Digital ID Can Solve the Fraud Crisis with Sarah Clark
E394 · Identity at the Center
00:46:26·2 months ago
#393 - Breaking the Tyranny of Joiner, Mover, Leaver with Ian Glazer image
#393 - Breaking the Tyranny of Joiner, Mover, Leaver with Ian Glazer
E393 · Identity at the Center
00:57:38·2 months ago
#392 - Identiverse DC - Majority Rules image
#392 - Identiverse DC - Majority Rules
E392 · Identity at the Center
00:28:43·2 months ago
#391 - Live from Identiverse DC with John DelMauro image
#391 - Live from Identiverse DC with John DelMauro
E391 · Identity at the Center
00:32:44·3 months ago
#390 - Identity Management for Agentic AI with Tobin South image
#390 - Identity Management for Agentic AI with Tobin South
E390 · Identity at the Center
00:55:53·3 months ago
#389 - Sponsor Spotlight - Aembit image
#389 - Sponsor Spotlight - Aembit
E389 · Identity at the Center
00:53:32·3 months ago
#388 - Fraud Reduction Intelligence Platforms with John Tolbert image
#388 - Fraud Reduction Intelligence Platforms with John Tolbert
E388 · Identity at the Center
00:59:29·3 months ago