My Writing

• Malware Market Segmentation in Computer Attacks
  Computer attackers segment victims by organization size (focused enterprise targets vs. mass-scale SMBs), geography (paying more for North American infections), and industry. Defenders need to...
• Risk Management Know the Alternatives When Negotiating IT Risk Mitigation Approaches
  When business managers reject expensive security recommendations, present alternative mitigation options—such as virtual patching as a stopgap before code fixes. Understanding your BATNA (Best...
• Career Which Information Security Job Titles Are Least and Most Common?
• Risk Management Choice Fatigue Might Affect Cybersecurity Decisions
  Research shows judges grant parole more often after meals because mental exhaustion from repeated decisions leads to status-quo choices. Security professionals making continuous decisions about...
• Incident Response How Much Should an Information Security Book Cost?
• Malware A Look at Today's Computer Attack and Defense Landscape
  Modern threats use social engineering to bypass technical defenses, target workstations through browsers, compromise web applications, and maintain long-term interests in compromised environments....