The second blog article in a two article series on personal information security for executives.

The cybersecurity work you need to do as an internal AI is being designed, deployed and operated, so that the system you stand up to keep data safe actually keeps data safe.

A vCISO or a cybersecurity manager can be a valuable asset in getting a small or medium enterprise cybersecurity built, or on track and moving in a new direction.  However, if you are in a position to afford only one or the other, choose carefully.

Smart leaders make smart mistakes. These ten misconceptions show up again and again in small and mid‑sized companies. The goal of this article is to provide an executive understanding of cybersecurity that provides clarity rather than jargon.

The risk to small and medium enterprises (SMEs) has been rising lately.  Executives’ personal information, accounts, and technology provide a lucrative and often overlooked target.

People assume good intent until proven otherwise. The same instinct that builds teams and partnerships also allows adversaries to impersonate them.

In cybersecurity, compliance is often mistaken for protection. Unfortunately, that decision trades measurable comfort for invisible risk.

Telescope facilities on Mauna Kea in Hawaii I enjoyed presenting Securing the Weird at Bsides Bloomington 2025. Slides are below for...

I recently had the pleasure of presenting Stakeholder Management In a Crisis: Lessons From a Crisis Communicator at Bsides Bloomington ....

In this blog articles we explore the cybersecurity risks that exist outside your direct control.

Many organizations rely on SaaS platforms instead of traditional on-premises solutions, trading control for convenience. The risks of that trade-off are often misunderstood.

This is the fourth installment in an ongoing series called "Executive Missteps" on how business leaders, often unknowingly, sabotage their organization's cybersecurity...and how not to be that person.  Each is inspired by a true story (or several). Find previous installments here: Above the Law (1) , Shadow (IT) Man (2) , On Deadly Ground (3) . Avery (not his real name) is busy, like most CEOs.  His company is a regional powerhouse in the process of building out a handful of

Stop me if you have heard this before. A company suffers a massive IT outage. The culprit is not a hacker in a foreign country or a sophisticated piece of malware. It is an unlocked door.

This is the third installment in an ongoing series called "Executive Missteps" on how business leaders, often unknowingly, sabotage their organization's cybersecurity...and how not to be that person. Each is inspired by a true story (or several). Find the first installment here , and the second here . Cybersecurity risks brought in by M&A can leave an executive feeling like the ground is falling out from under them. It's been a busy month for our CEO as the company works on w

Most companies don’t realize how narrow and conditional cybersecurity insurance coverage really is until they need it.

Managers, project managers, and executives can increase code quality by improving the environment and incentives for development teams.... and that includes improving security.

Starting your first job as a software developer is both exciting and intimidating. You want to make a strong impression, but you may worry about making a mistake that harms the company.

This is the second installment in an ongoing series called "Executive Missteps" on how business leaders, often unknowingly, sabotage their organization's cybersecurity...and how not to be that person. Each is inspired by a true story (or several). Find the first installment here . It's a normal Wednesday morning when the SOC (Security Operations Center) manager gets a knock on her door. One of her analysts has learned that the company's mail server has appeared on major bla

"Any sufficiently advanced technology is indistinguishable from magic." — Arthur C. Clarke’s Third Law The magic cybersecurity box, as...

It's late on Friday afternoon, and the corporate help desk gets a phone call.  The CEO is in a panic.  His next move will cost the company dearly.