Information Asymmetry & InfoSec: Negative Fun. Limited Profit.
In Wealth of Nations, Adam Smith starts to build out a concept called “Information Asymmetry” concerning free markets. I say he “starts...
Towards a Better Solution Presentation and Demo
I’ve talked, written, and tweeted my ideas on presenting technical solutions before. This post is along those same lines with new...
Embracing Authentic Communication and Nixing Corporate Speak
Like most people, I’m constantly looking to improve my written and oral communication skills. As such, over the years I’ve made a number...
Understanding The World of Resellers
In the IT industry, whenever you want to purchase hardware, software, and sometimes services, there are two ways you can do it: direct...
Clear Messaging for AppSec Success
I caught S03E05 of the Application Security podcast the other day; “SAST, DAST, and IAST. Oh my!” It featured Pete Chestna...
A Security Architect: The Key Attributes
I’ve been doing a lot of thinking lately about my years in Information Security. I think it’s pretty normal for people my age with my...
Counterpoint: Ambulance Chasing Works
I recently made the case that the vendor community's response to Wannacry and Petya/notPetya were counterproductive and classless. I’d...
Staying Informed in InfoSec
Years ago my friend Nick and I were trying to find people to fill a few InfoSec roles. So we set out, bright-eyed and bushy-tailed,...
On MS17-010 and Ambulance Chasing
I had a mild Twitter outburst this week that got a relatively large amount of exposure (for me). So I thought maybe I’d take a step back...
Attract and Retain Women in InfoSec with The Rooney Rule
We’ve been doing a lot of talk in the InfoSec about hiring and retaining women in our field. The conversation is happening in the...