Explore topics such as Cyberwarfare / Nation-State Attacks,
Events,
and Fraud Management & Cybercrime.
CISO Joe Carson Discusses How NATO’s Locked Shields Enhances Defense Readiness
Every year, the imaginary island nation of Berylia finds itself under severe cyberattack, requiring hundreds of volunteers across eighteen different teams to fend off more than 8,000 cyber violations targeting its vital infrastructure and government services.
Berylia may be fictional, yet it serves as the backdrop for one of the world’s largest red team-blue team exercises—Locked Shields. Sponsored annually since 2010 by the NATO Cooperative Cyber Defence Centre of Excellence, this initiative draws thousands of cybersecurity professionals eager to test their capabilities, including Joe Carson, the Chief Security Evangelist and Advisory CISO at Segura.
In discussing the exercise, Carson emphasized the urgency of collaboration during a cyber crisis, stating, “Your systems are failing, credentials are compromised, and services are disrupted. We must unite to defend these systems. No nation can tackle this alone.” Such exercises prepare participants for the multifaceted challenges they may face during real-world attacks.
Locked Shields equips defenders with skills under pressure, facilitates collaboration, and establishes essential communication channels ahead of potential threats. “Our ultimate goal is to strengthen nations’ resilience against cyberattacks and contribute to global security,” he added.
In a video interview with Information Security Media Group during the RSAC Conference 2025, Carson analyzed several evolving threats. He highlighted the transformation of phishing and social engineering tactics in light of advancements in generative artificial intelligence tools, and how cybercriminals leverage these technologies to reduce their operational costs.
With over 25 years in enterprise security, Carson is a recognized ethical hacker and author of “Privileged Account Management for Dummies” as well as “Cybersecurity for Dummies.” Throughout his career, he has served multiple governments, critical infrastructure sectors, and financial institutions, presenting at conferences on a global scale, emphasizing the importance of defense preparedness in an increasingly complex cyber threat landscape.
