My Writing

• Malware The Worst Information Security Advice Ever
  A collection of terrible security advice gathered from Twitter: use short passwords, rely solely on firewalls for protection, skip testing before production deployment, avoid logging to prevent...
• Product Management The Company of Self: A Career Development Org Chart
  Managing one's career can be approached by treating oneself as the CEO of a company with multiple departments: product development (skills), sales and marketing (visibility), R&D (continued...
• Risk Management Understand the Risks of Email Search Add-Ons and Services
  Cloud email search tools like Greplin and Xobni index messages and contacts across services, creating attractive targets for attackers. Most vendors provide little detail about security measures....
• Malware APT Cartoon #6: APT Goes Mainstream on TV
• Malware Why I Make Fun of Advanced Persistent Threat (APT)
• Malware Market Segmentation in Computer Attacks
  Computer attackers segment victims by organization size (focused enterprise targets vs. mass-scale SMBs), geography (paying more for North American infections), and industry. Defenders need to...