My Writing

• Communication Slides for Presentation on Real-World Social Engineering Attacks
• Training Tying Shoelaces and Information Security
  Most people tie shoelaces with the weaker knot because the stronger version is harder for children to learn. Similarly, security "best practices" we've followed for years may not be optimal—tribal...
• Career Are Anxious People More Vigilant in Information Security?
  Research suggests nonanxious individuals may detect early warning signs of trouble better than anxious people, whose brains leap into action only after threats reach an obvious threshold. Calm...
• Risk Management The Risks of Remote Desktop for Access Over the Internet
  Exposing RDP to direct Internet connections is risky—beyond credential-guessing opportunities, critical vulnerabilities like CVE-2012-0002 can allow remote code execution without authentication....
• Career Hiring Strong Candidates for Information Security Roles
• Risk Management Why Are Executives More Prone to Accept Risks?
  Research links high status and power to greater trust in others and overconfidence in one's own knowledge. Executives may accept security risks while being overly trusting and without spending...