AI may be changing how companies build, but it’s also changing how they get attacked, often by their own tools. Amazon Chief Security Officer Steve Schmidt has watched threat actors at every skill level get sharper, faster, and harder to contain. The risk he’s most focused on, however, isn’t coming from outside the firewall.
On this episode of TechCrunch’s Equity podcast, we’re bringing you a conversation Rebecca Bellan had with Schmidt at the HumanX conference in San Francisco. The two dug into what AI is already doing to the threat landscape and how Amazon is rethinking identity, containment, and human oversight to keep agents in check.
Subscribe to Equity on YouTube, Apple Podcasts, Overcast, Spotify and all the casts. You also can follow Equity on X and Threads, at @EquityPod.
Chapters:
00:00 Intro
01:05 How AI is leveling up threat actors at every skill level
02:16 The internal risk: shadow AI and the “open Claude on your laptop” problem
04:44 Agentic identity and why Amazon traces every action back to a human
07:18 Guardrails as an attack surface
09:50 Containment architecture: why agents should never run free
12:42 Human-in-the-loop and contingent authorization at Amazon
14:58 Security advice for startups: know what you have, label it early
18:35 Do startups actually need a CISO?
19:29 Outro
