My Writing

• Leadership Distribute Cybersecurity Tasks with Diffusion of Responsibility in Mind
  The common adage that "security is everyone's responsibility" often fails due to the diffusion of responsibility, where individuals assume someone else will act. Effectively distributing...
• Product Management How Security Can Better Support Software Engineering Teams
  Security and software engineering teams often operate with different incentives, creating friction when trying to weave security into the development lifecycle. Bridging this gap requires...
• Incident Response A Report Template for Incident Response
  Effective incident response relies on clear communication and structured documentation to ensure incidents are handled consistent with stakeholder expectations. A customizable incident report...
• Leadership Security Leaders Can Lower Expenses While Reducing Risk
  In a climate of budget constraints, cybersecurity leaders can find opportunities to cut costs while actually strengthening their security posture. By adopting zero-based budgeting and identifying...
• Cloud Withholding Single Sign-On from SaaS Customers is Bad for Business and Security
  Many SaaS vendors restrict Single Sign-On (SSO) to their most expensive enterprise tiers, a practice that undermines the security of smaller customers. This pricing strategy is misguided, as SSO is a...
• Leadership Three Ways CISOs Can Drive More Meaningful Collaboration
  Modern CISOs must evolve from pure technologists into business leaders who actively collaborate with non-IT stakeholders. By gaining situational awareness, demonstrating how security supports...