Security by Default

Joseph Carson

Security by Default is a cybersecurity podcast hosted by Joseph Carson, a renowned ethical hacker and security expert. Each episode dives into the latest security trends, real-world threats, and practical advice for staying safe in the digital world. With insightful interviews and clear explanations, Joseph makes complex topics accessible for both IT professionals and curious listeners alike.

  1. The Future of Cybersecurity in an AI-Driven World with Diana Kelley

    6H AGO

    The Future of Cybersecurity in an AI-Driven World with Diana Kelley

    In this episode of the Security by Default podcast, host Joe Carson welcomes Diana Kelley, a prominent figure in the tech industry, to discuss her journey in technology, the evolution of AI, and its implications for cybersecurity and the job market. They explore the historical context of AI, from early systems like ELIZA to modern advancements like Watson and ChatGPT, and address common misconceptions about AI's capabilities. The conversation also delves into the future of jobs in an AI-driven world, emphasizing the need for training and understanding of AI technologies. In this conversation, Joseph Carson and Diana Kelley discuss the evolution of jobs in the context of technological advancements, particularly focusing on AI and its implications for the workforce. They explore the necessity of continuous retraining and the emergence of new roles, the importance of contextual understanding in AI, and the behavior of AI agents. Additionally, they emphasize the need for control mechanisms in AI development and the importance of empowering women in cybersecurity to address the growing challenges in the field. Takeaways The podcast aims to bring clarity and transparency to the chaos in the tech world.Diana Kelley has a rich history in technology, starting from the DARPAnet in the 1970s.ELIZA was one of the first AI systems, designed to emulate a therapist.Watson's success in Jeopardy was due to its speed, not intelligence.AI's interaction with humans can lead to misconceptions about its capabilities.Chain of thought prompting has improved AI's problem-solving abilities.AI is a probability machine, not a sentient being.Training is essential for effective AI usage.The evolution of AI has implications for job security and creation.Legacy systems still require human oversight and expertise. The jobs we have today are constantly evolving due to technology.Retraining is essential to stay relevant in the workforce.AI will create new job opportunities in various fields.Understanding context is crucial for effective AI interaction.Prompt engineering is a vital skill in working with AI models.Control mechanisms are necessary for managing AI behavior.Empowering women in cybersecurity is critical for the industry's future.Community support is essential for fostering diversity in tech.Continuous learning is key to adapting to technological changes.Networking and mentorship play a significant role in career development. Chapters 00:00 Introduction to the Podcast and Guest 01:01 Diana Kelley's Journey in Tech 04:56 The Evolution of AI: From ELIZA to Watson 10:14 AI in Cybersecurity: Training Watson for Cyber 14:03 Understanding AI: Human-like Interaction and Misconceptions 16:33 Advancements in AI: Chain of Thought Prompting 20:11 The Future of Jobs in the Age of AI 21:20 The Evolution of Jobs and Skills 23:51 AI and Human Interaction 27:06 Contextual Understanding in AI 29:56 Agent Behavior and Control 32:58 Staying Informed in a Rapidly Changing Field 36:07 Empowering Women in Cybersecurity Resources & Links: ELIZA - Joseph Weizenbaum's AI ProgramDiana Kelley - LinkedInOWASP GenAI ProjectWomen in Cybersecurity (WiCyS)IBM WatsonOpenAI GPT ModelsAnthropic's Claude Connect with Diana Kelley: LinkedIn Enjoy this insightful conversation on the past, present, and future of AI and cybersecurity, highlighting the balance between innovation and responsible deployment.

    37 min
  2. Building Trust and Community in Cybersecurity Leadership with JC Vega

    MAY 12

    Building Trust and Community in Cybersecurity Leadership with JC Vega

    In this episode, cybersecurity expert JC Vega shares insights on effective communication, leadership, and risk management in cybersecurity. He emphasizes the importance of translating technical concepts for business leaders, building trust, and fostering community to enhance organizational resilience. keywords cybersecurity, leadership, risk management, communication, trust, community, organizational resilience, cybersecurity education keytopics Translating cybersecurity for non-technical audiencesBuilding champions within organizationsThe importance of trust and verification in securityCybersecurity as an enterprise survival issueLeveraging AI and technology responsibly sound bites "Validate and verify, don't just trust." "Train like it's a Super Bowl." "Leave a link, build a community." Chapters 00:00 Introduction to Cybersecurity Leadership 02:34 Translating Cybersecurity for Non-Technical Audiences 05:13 Building a Team of Champions 08:02 Understanding Business Impact and Risk 10:39 The Role of AI in Cybersecurity 12:58 Cybersecurity as an Enterprise Survival Problem 15:21 The Importance of Ecosystem Relationships 18:00 Trust and Zero Trust in Cybersecurity 20:28 Continuous Learning and Community Engagement resources Cyber Cannon Project - https://cybercannonproject.org/ B-Sides Conferences - https://www.bsidescon.org/ LinkedIn Profile of JC Vega - https://www.linkedin.com/in/jcvega/

    37 min
  3. AI, Cyber Skills & The Future of Security Training with Hack The Box's Gerasimos

    APR 28

    AI, Cyber Skills & The Future of Security Training with Hack The Box's Gerasimos

    In this special edition recorded live at RSA Conference, Joseph Carson is joined by Gerasimos Marketos (gmar), Chief Product Officer at Hack The Box. They explore how AI is reshaping cybersecurity skills, why traditional education is struggling to keep up, and how hands-on platforms are redefining how defenders and ethical hackers are trained. From real-world fraud detection to AI-powered CTF competitions, this episode dives into the evolving relationship between humans and machines in cybersecurity. 🔑 Key Themes & Topics AI vs Humans in cybersecurity competitionsWhy AI is an accelerator, not a replacementThe evolution from traditional training → hands-on gamified learningClosing the cybersecurity skills gapRed, Blue, and Purple team upskillingAI governance, risk, and agentic threatsThe future of cybersecurity careers and hiring ⏱️ Chapters 00:00 – Introduction & RSA Conference insights02:00 – GMar’s journey: Data → Fraud → Cybersecurity06:30 – Who and What is Hack The Box?10:30 – AI vs Humans: CTF research findings13:00 – AI as a productivity multiplier15:30 – Real-world example: AI winning competitions16:00 – RSAC trends: AI everywhere17:00 – AI governance & emerging risks18:00 – AI for security vs security for AI19:00 – Staying relevant in cybersecurity 🚀 Hack The Box Explained Hack The Box is a cybersecurity upskilling platform offering: 🎓 Academy – Structured learning paths🧩 Challenges & Labs – Hands-on environments🏁 CTFs (Capture The Flag) – Competitive exercises🏢 Pro Labs – Enterprise-scale simulations🔎 Talent Search – Connecting skilled professionals with employers It supports: Red Teams (Offense)Blue Teams (Defense)Purple Teams (Collaboration) Resources: https://www.hackthebox.com/ https://www.linkedin.com/in/gmarketos/ https://www.hackthebox.com/ai-augmented-cyber-workforce-report

    20 min
  4. The Analyst's Role in Cybersecurity: Bridging Gaps and Shaping Trends with Fernando

    APR 14

    The Analyst's Role in Cybersecurity: Bridging Gaps and Shaping Trends with Fernando

    In this episode, Fernando Montenegro shares his journey into the cybersecurity industry, insights on industry analysis, and the evolving trends shaping cybersecurity today. Discover how analysts bridge the gap between vendors, buyers, investors, and academia, and learn practical tips for engaging effectively with industry experts. key Takeaways Role of industry analysts in cybersecurityEmerging trends in cybersecurity including AI and attack surface expansionEffective engagement with analysts for decision supportStrategic cybersecurity budgeting and investmentInfluence of economics and incentives on security decisions sound bites "Understanding what's going on in the world" "Good enough security can be effective" "Workload AI versus workforce AI" Chapters 00:00 Introduction to Security by Default Podcast 00:53 Fernando Montenegro's Origin Story 05:16 The Role of an Industry Analyst 08:55 Maximizing Value from Analyst Interactions 13:16 Understanding AI in Conversations 15:44 Choosing the Right Solutions 16:40 Decision-Making in Technology and Business 17:13 Trends in Cybersecurity and AI 18:26 Understanding Workload vs. Workforce AI 19:40 The Evolving Role of Security Professionals 21:43 The Strategic Importance of Cybersecurity 23:58 Incentives and Decision-Making in Security 25:53 The Shift Left Approach in Development 27:16 Budgeting for Cybersecurity Investments 30:47 Navigating Cybersecurity Budgets 32:26 Engaging with Analysts and Staying Informed 34:33 Curating Information in a Data-Driven World 36:55 Balancing Operational and Strategic Insights 37:51 Connecting with Analysts and Final Thoughts Resources LinkedIn Profile of Fernando Montenegro - https://www.linkedin.com/in/fsmontenegro/ Futurum Group - https://futurumgroup.com/ Obsidian Knowledge Management System - https://obsidian.md/ Book: Why Most Security Budgets Go to Waste by Ross Young - https://a.co/d/02BZPwdO

    41 min
  5. The Cyber Hero Adventure - Making Security Engaging and Fun with Gary Berman

    MAR 31

    The Cyber Hero Adventure - Making Security Engaging and Fun with Gary Berman

    Join cybersecurity expert Joseph Carson and guest Gary as they explore innovative ways to make cybersecurity engaging, fun, and accessible. Discover how humor, storytelling, and community involvement can transform the industry and attract new talent. Chapters 00:00 Welcome to the Cybersecurity Chaos 02:32 From Fear to Fun in Cybersecurity 05:27 The Journey of a Cyber Advocate 08:09 The Importance of Community and Collaboration 10:45 Bringing Laughter Back to Cybersecurity 13:13 Rebranding Cybersecurity for New Talent 16:00 The Power of Words in Cybersecurity 18:43 Innovative Approaches to Cyber Awareness 21:29 Lessons from Kids: Simplifying Cybersecurity 24:39 The Inner Child and Cognitive Dissonance 26:40 Gamification and Learning Innovations 28:19 Storytelling in Cybersecurity 29:15 Cybersecurity Starts at Home 30:36 Community Engagement and Employee Connection 32:14 The Importance of Acknowledgment 34:13 Finding Joy in Everyday Life 35:11 Humor as a Coping Mechanism 40:04 The Power of Positive Thinking 45:02 Mission Accomplished: Fun and Safety Resources Cyber Heroes Comics - https://cyberheroescomics.com/ Gary's LinkedIn Profile - https://www.linkedin.com/in/gary-berman/

    47 min
  6. Inside the Digital Battlefield: Cybersecurity in Geopolitical Conflicts with Chris Kubecka

    MAR 17

    Inside the Digital Battlefield: Cybersecurity in Geopolitical Conflicts with Chris Kubecka

    Join Joseph Carson in this insightful episode as he interviews cybersecurity expert Chris Kubecka. They discuss critical infrastructure security, cyber warfare, geopolitical risks, and the evolving landscape of digital threats, providing valuable lessons for cybersecurity professionals and policymakers. Key Topics Cybersecurity in critical infrastructure Geopolitical cyber threats and hybrid warfare Evolving landscape of digital threats and resilience Sound bites "GPS jamming has been a massive challenge." "Digital Empires: China, Europe, and the US." "Radio communications are a vital fallback." Chapters 00:00 Introduction and Background of Chris Kubecka01:37 Cybersecurity Challenges in Critical Infrastructure03:37 Evolving Nature of Cyber Threats05:45 The Role of Drones in Modern Warfare07:25 Hybrid Warfare and Global Diplomacy10:10 The Shift in Global Cybersecurity Dynamics12:18 The Importance of International Cooperation14:33 Privacy and Ethics in Cybersecurity16:50 Historical Context and Regional Cooperation18:55 Cyber Attacks on Civilian Infrastructure22:04 Personal Experiences in Estonia24:10 Geopolitical Tensions and Cybersecurity25:52 Challenges in Maritime Connectivity28:16 Critical Infrastructure Vulnerabilities30:22 The Role of Radio in Authoritarian Regimes33:43 International Maritime Law and Cybersecurity37:46 Recent Projects and Activism in Cybersecurity39:51 Staying Informed in a Rapidly Changing Landscape Resources Chris Kubecka's LinkedIn - https://www.linkedin.com/in/chriskubecka/ Field Tested: How to Hack a Modern Dictatorship with AI - https://www.amazon.com/dp/B0C7F4XYZ

    45 min
  7. How Gamification and Community Help Beginners Break Into Cloud and AI Security

    MAR 3

    How Gamification and Community Help Beginners Break Into Cloud and AI Security

    In this episode of the Security by Default podcast, host Joe Carson speaks with Ian Austin, co-founder of Pwned Labs, about his journey in cybersecurity, the evolution of learning in the field, and the challenges of Cloud and AI security. Ian shares insights on transitioning into cybersecurity roles, the importance of community engagement, and the need for continuous learning in an ever-evolving industry. They discuss the significance of gamification in training and the current trends in cloud security, emphasizing the importance of hands-on experience and collaboration. Key Takeaways Ian Austin is a co-founder of Pwned Labs, specializing in cloud and AI security training.His journey in cybersecurity began with help desk roles and evolved into penetration testing.Creating content is a great way to learn and contribute to the community.Cloud security presents unique challenges that require ongoing education and adaptation.Gamification in training enhances engagement but should not overshadow practical learning.Community involvement is crucial for personal and professional growth in cybersecurity.Transitioning into security roles can be done from various backgrounds, including sysadmin and help desk.Continuous learning is essential in the fast-paced cybersecurity landscape.Mentorship can significantly impact career development and confidence.Cloud security is a growing field with increasing demand for skilled professionals. sound bites "Learning is a great way to learn." "Community is a powerful thing." "Cloud is hard to secure." Chapters 00:00 Introduction to the Podcast and Guest 00:40 Ian Austin's Journey in Cybersecurity 06:40 Transitioning into Security Roles 10:54 Evolution of Learning in Cybersecurity 16:19 The Importance of Community in Learning 22:58 Challenges in Cloud Security 28:46 Staying Updated in the Cybersecurity Field Resources: https://pwnedlabs.io/ https://www.linkedin.com/in/ian-austin/

    33 min
  8. Cracking Passwords and the Future of Passwords with Evil Mog

    FEB 17

    Cracking Passwords and the Future of Passwords with Evil Mog

    In this episode of the Security by Default podcast, host Joe Carson welcomes Evil Mog, an expert in password cracking and cybersecurity. They discuss the importance of Hacker Jeopardy in making cybersecurity fun, the ongoing challenges with passwords, and the evolving role of AI in password cracking. The conversation also touches on incident response, the significance of documentation, and the future trends in cybersecurity, including the shift towards passwordless authentication and the impact of AI on both attackers and defenders. Takeaways Hacker Jeopardy is a fun way to engage with cybersecurity.Teaching others helps reinforce your own knowledge.Passwords will remain a necessary evil in security.AI is enhancing password cracking methodologies.Documentation is crucial in incident response.The cost of hacking is increasing due to advanced techniques.Collaboration between red and blue teams is essential.Insider threats are on the rise in cybersecurity.Password management is fundamentally an asset management issue.Future trends indicate a shift towards passwordless authentication. Sound bites "Teaching helps you learn better." "Security is about enabling the business." "The cost of hacking is rising." Chapters 00:00 Introduction to Evil Mog and Hacker Jeopardy02:37 The Importance of Community and Teaching in Cybersecurity05:22 Password Security: The Louvre Incident07:59 The Evolution of Authentication Methods10:35 Challenges in Asset Management and Password Management13:15 Operational Technology (OT) Security Challenges15:53 The Role of Documentation in Cybersecurity18:42 AI in Cybersecurity: Automation and Password Recovery21:52 AI in Password Cracking24:56 Enhancing Human Capabilities with AI27:18 The Evolution of Cybercrime30:02 Trends and Predictions for Cybersecurity34:41 Collaboration in Cybersecurity37:24 The Future of Cybercrime and AI40:59 Connecting with Evil Mog

    42 min
See All (31)

About

Security by Default is a cybersecurity podcast hosted by Joseph Carson, a renowned ethical hacker and security expert. Each episode dives into the latest security trends, real-world threats, and practical advice for staying safe in the digital world. With insightful interviews and clear explanations, Joseph makes complex topics accessible for both IT professionals and curious listeners alike.

Information

  • Creator
    Joseph Carson
  • Years Active
    2025 - 2026
  • Episodes
    31
  • Rating
    Explicit
  • Copyright
    © Copyright 2026 Joseph Carson
  • Show Website
    Security by Default