My Writing

I write about security leadership and technology, sharing strategies, practical frameworks, and field notes. My goal is to capture what I've learned and contribute to conversations in our community.

• Privacy How Security and Privacy Teams Break Barriers Together
  Cybersecurity and data privacy leaders share fundamental goals despite having distinct expertise and priorities. A practical framework for aligning security and privacy efforts involves identifying...
• Leadership The CISO's Mindset: Outcomes, Automation, and Leadership
  The role of the CISO evolving into a blend of leadership and technical expertise, with increased accountability for business outcomes. Key trends include leveraging automation and AI to enhance...
• Authentication What to Do With Products Without SSO?
  Single Sign-On (SSO) acts as a crucial chokepoint for modern defense, centralizing authentication to enforce security measures and monitor access. When purchasing SaaS products without SSO,...
• Leadership Transform the Defender's Dilemma into the Defender’s Advantage
  The "defender's dilemma"—that defenders must be perfect while attackers only need to be right once—is a misconception that undervalues the strategic position of security teams. By adopting a...
• Leadership Are CISOs of Security Vendors in Your Community?
  CISO events often exclude security leaders from cybersecurity vendors to prevent sales pitches, but this overlooks the value these leaders bring and fails to address other potential conflicts....
• Communication How to Write Good Incident Response Reports
  Writing effective incident response reports is essential for communicating critical details, instilling confidence, and facilitating organizational learning. A good report should be concise,...