top of page
Search
The Danger of Comparisons (There’s Always One Level Above)
No matter what you experience, what level of achievement, results or status you attain there is always something that might be perceived...
Dec 2, 202310 min read
3,789
Bug Bounty Programs
There are still plenty of organizations that don’t have a well defined and accessible bug bounty program. More surprisingly, there are...
Nov 18, 20238 min read
1,921
Caricatures of Security People
The great thing about the security industry is it’s made up of a variety of roles and people from many backgrounds, disciplines, skill...
Nov 4, 20237 min read
19,709
Career Development: 13 Formative Moments (Part 2)
The skills for your role and your leadership style build up throughout your career. But I’ve found, personally and in talking to others,...
Oct 21, 202312 min read
1,146
Career Development: 13 Formative Moments (Part 1)
The skills for your role and your leadership style build up throughout your career. But I’ve found, personally and in talking to others,...
Oct 7, 202316 min read
3,038
Is Complexity the Enemy of Security?
Since the last post about leverage points in managing complex systems I thought it would be good to revisit and update a post from a few...
Sep 23, 20237 min read
2,410
Leverage Points - A Cybersecurity Perspective
Security is an emergent property of the complex systems we inhabit. In other words, security isn’t a thing that you do, rather it's a...
Sep 9, 202314 min read
2,990
Security Budgets - Supply and Demand
Unless you’re doing continuous or quarterly budgeting, which some organizations do, then you’ll no doubt be getting ready for the long...
Aug 26, 20236 min read
4,385
Building Balanced Security Teams - Updated
As an industry we spend a lot of time talking about workforce development and skills shortages. However, we tend not to talk about how to...
Aug 12, 20234 min read
2,985
Confessions of a Public Speaker - Tips for Security Practitioners
Many of us have to regularly speak in public at a range of events large and small, public and private, staged and ad-hoc. As your career...
Jul 29, 202314 min read
6,059
Resilience Engineering - Step by Step
Resilience Engineering: Concepts and Precepts is an excellent collection of standalone essays, woven into a consistent whole on the...
Jul 15, 202313 min read
2,673
AI Consequence and Intent - Second Order Risks
There is a lot of good discussion and emerging methods to manage the risks of AI in various forms from training data protection, model...
Jul 1, 20233 min read
1,308
bottom of page