Sign up to save your podcasts
Or
Share Joseph Carson of Segura
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Joseph Carson of Segura
In this annual recap from the sidelines of RSAC 2026, Jeremy is joined by Joseph Carson, Chief Security Evangelist at Segura. They discuss a conference floor that felt more like an AI event than a cybersecurity one, exploring the convergence of agentic AI and identity security. Joseph shares critical insights from the Estonia "Digital Nation" playbook, the growing risk of non-human identities, and why organizations must move from "hope as a strategy" to a proactive resiliency model that assumes physical and digital disruption.
Key Episode Highlights:
- The AI Convergence: Joseph and Jeremy observe that AI has become the "fuel to the fire" for cybersecurity. While AI helps defenders move at the pace of attackers, it requires rigorous guardrails like least privilege and security by design to be successful.
- Identity of the Machine: A major theme of the conference was non-human identities. Joseph argues that AI agents should never use human credentials but should instead rely on ephemeral, just-in-time (JIT) keys to maintain accountability and limit the blast radius.
- Estonia’s Resiliency Playbook: Joseph details how Estonia transitioned from a target of cyber war to a resilient digital nation. He highlights the use of "Data Embassies"—storing sovereign data in geographically distributed, diplomatically protected locations—to ensure the country can "reboot" even after a total local failure.
- Beyond Cybersecurity to Physical Impacts: The discussion shifts to how attackers are reverting to "cheap" physical disruptions like GPS jamming and cutting undersea data cables when digital defenses become too strong.
- The "Luck" Trap: Referencing the famous Maersk ransomware recovery, Joseph warns that finding a single surviving backup by chance is not a strategy. Organizations must simulate worst-case scenarios, including the loss of their identity provider (IdP) or primary cloud vendor.
About Joseph
Joseph Carson is Chief Security Evangelist and Advisory CISO at Segura, where he helps organizations worldwide strengthen identity security and build resilient cyber defense strategies. An award-winning cybersecurity leader with more than three decades of experience, Joe has advised governments, critical infrastructure, and global enterprises. He is the author of Cybersecurity for Dummies, read by over 50,000 professionals, and a regular contributor to leading outlets including The Wall Street Journal and Dark Reading. Joe also hosts the podcast Security by Default and is a frequent keynote speaker on identity and AI-driven threats.
Episode Links
- Security by Default Podcast: https://open.spotify.com/show/0mzN5M5CkFVLn8fq5TnH0O
- Joseph on LinkedIn: https://www.linkedin.com/in/josephcarson/
- Segura Website: https://segura.security/
View all episodes
By Jeremy SnyderIn this annual recap from the sidelines of RSAC 2026, Jeremy is joined by Joseph Carson, Chief Security Evangelist at Segura. They discuss a conference floor that felt more like an AI event than a cybersecurity one, exploring the convergence of agentic AI and identity security. Joseph shares critical insights from the Estonia "Digital Nation" playbook, the growing risk of non-human identities, and why organizations must move from "hope as a strategy" to a proactive resiliency model that assumes physical and digital disruption.
Key Episode Highlights:
- The AI Convergence: Joseph and Jeremy observe that AI has become the "fuel to the fire" for cybersecurity. While AI helps defenders move at the pace of attackers, it requires rigorous guardrails like least privilege and security by design to be successful.
- Identity of the Machine: A major theme of the conference was non-human identities. Joseph argues that AI agents should never use human credentials but should instead rely on ephemeral, just-in-time (JIT) keys to maintain accountability and limit the blast radius.
- Estonia’s Resiliency Playbook: Joseph details how Estonia transitioned from a target of cyber war to a resilient digital nation. He highlights the use of "Data Embassies"—storing sovereign data in geographically distributed, diplomatically protected locations—to ensure the country can "reboot" even after a total local failure.
- Beyond Cybersecurity to Physical Impacts: The discussion shifts to how attackers are reverting to "cheap" physical disruptions like GPS jamming and cutting undersea data cables when digital defenses become too strong.
- The "Luck" Trap: Referencing the famous Maersk ransomware recovery, Joseph warns that finding a single surviving backup by chance is not a strategy. Organizations must simulate worst-case scenarios, including the loss of their identity provider (IdP) or primary cloud vendor.
About Joseph
Joseph Carson is Chief Security Evangelist and Advisory CISO at Segura, where he helps organizations worldwide strengthen identity security and build resilient cyber defense strategies. An award-winning cybersecurity leader with more than three decades of experience, Joe has advised governments, critical infrastructure, and global enterprises. He is the author of Cybersecurity for Dummies, read by over 50,000 professionals, and a regular contributor to leading outlets including The Wall Street Journal and Dark Reading. Joe also hosts the podcast Security by Default and is a frequent keynote speaker on identity and AI-driven threats.
Episode Links
- Security by Default Podcast: https://open.spotify.com/show/0mzN5M5CkFVLn8fq5TnH0O
- Joseph on LinkedIn: https://www.linkedin.com/in/josephcarson/
- Segura Website: https://segura.security/