Risky Business Features Interview: Former NSA and CIA cyber leaders on offensive AI
Mar 27, 2026
Andy Boyd, former CIA cyber leader now CEO of Red Lattice, talks insider threat and defensive readiness. Rob Joyce, former NSA exec, explains offensive cyber ops and how AI shifts attack scaling. They discuss AI automating discovery, cloud scanning at scale, attacker augmentation, and why exploit leaks feel routine.
AI Snips
Chapters
Transcript
Episode notes
AI Ends Defender Information Advantage
- AI erases information asymmetry that once favored defenders.
- Rob Joyce explains AI can unrelentingly map networks, find misconfigurations, shadow IT and unpatched devices that attackers historically exploited manually.
Speed and Scale Beat Novelty
- Offensive success will come from automating known techniques at speed and scale rather than novel attacks.
- Rob Joyce and Patrick Gray note AI parallelizes operations (e.g., many copies running) and targets common 'dumpster fire' misconfigurations.
Invest Now To Defend Against AI Attacks
- Prioritize defensive investment and modernize government CISOs' tooling and budgets.
- Andy Boyd urges allocating resources to apply AI tools defensively across classified and unclassified networks before attackers scale.