My Writing

• Leadership Limitations of Frameworks in Information Security
  Security frameworks like ISO 27002 and PCI DSS provide structure, but organizations often adopt them blindly without considering applicability. Companies misinterpret prescriptive standards to suit...
• Malware Free Online Tools for Examining Suspicious PDFs
  Free online tools automate suspicious PDF analysis without local installation: QuickSand for manual structure exploration, Jsunpack and Wepawet for JavaScript deobfuscation, and Gallus for exploit...
• Risk Management Information Security Implications of the New Tech Bubble
• Privacy Learn the Future of Privacy and Social Interactions from Teens
  Adults see privacy as controlling what's made public—private by default. Teens think about what to exclude from being public—public by default. Understanding these emerging norms and teenagers'...
• Communication Explaining Your Progress to Clients or Colleagues
  Colleagues and clients who don't understand your specialized work may underestimate your value, especially when working remotely. Provide regular status updates, meet more often, and consider...
• Incident Response Making Sense of Digital Forensics and Incident Response Disciplines
  Digital forensics encompasses examining artifacts in databases, memory, network traffic, and mobile devices beyond traditional hard drive analysis. Incident response complements forensics with...