My Writing

I write about security leadership and technology, sharing strategies, practical frameworks, and field notes. My goal is to capture what I've learned and contribute to conversations in our community.

• Leadership Escaping the Vulnerability Management Hamster Wheel
  Most vulnerability programs are stuck in a loop of scanning, reporting, and patching that offers a false sense of accomplishment. Escaping this cycle requires shrinking the attack surface,...
• Communication Interactive Replays of Conversations: A New Tool
  Conversation replays add an engaging dimension to training materials and docs. Save the conversation and your annotations in a data file, then use my tool to generate a self-contained HTML player you...
• Artificial Intelligence Write Good Incident Response Reports Using Your AI Tool
  I released an MCP server to give your AI expertise to write good IR reports from raw notes or to get constructive feedback on existing content. You can replicate my approach to codify your own...
• Tools Publishing Your Website Content to AI Assistants
  When people ask AI assistants about your product or project, they often get outdated information. Here's how to publish your static website content directly to AI tools using Cloudflare Workers and...
• Privacy How Security and Privacy Teams Break Barriers Together
  Cybersecurity and data privacy leaders share fundamental goals despite having distinct expertise and priorities. A practical framework for aligning security and privacy efforts involves identifying...
• Leadership The CISO's Mindset: Outcomes, Automation, and Leadership
  The role of the CISO evolving into a blend of leadership and technical expertise, with increased accountability for business outcomes. Key trends include leveraging automation and AI to enhance...