Latest
Apr
27
Encryption is Overrated
Years ago I found myself in one of those awkward elevator pairings where you are unexpectedly face to face with
3 min read
Dec
07
Network Egress and Ingress Fundamentals
There is a lot of confusion about network ingress and egress. This isn't limited to junior staff; I've witnessed this
5 min read
Nov
22
Cyber Governance: What is Fair to Expect from Board Directors and Management? 2 of 4
Episode 2: Risks
In Episode 1 of this series I talked about oversight of cybersecurity threats and how a Board
6 min read
Nov
11
Bad CISO Archetypes
As part of my advisory work, I often help companies find and/or interview security leaders. While I'm a huge
4 min read
Oct
20
Episode 07 - Bug Bounties with guest Casey Ellis
Bugcrowd founder Casey Ellis joins #lifeafterCISO to talk about bug bounty programs in the wake of the Joe Sullivan Uber
1 min read
Oct
17

Cyber Governance: What is Fair to Expect from Board Directors and Management? 1 of 4
With mounting pressure around cyber literacy in the Boardroom, Directors are looking for specifics around what will be expected of
8 min read
Sep
10

An open letter to a fresh cybersecurity hire
Congratulations on your first cybersecurity job! Whether you are just entering the workforce or pivoting to a new field, here
4 min read
Sep
06
Episode 06 - Retire Many Times with guest Sounil Yu
Sounil Yu joins the #lifeafterCISO podcast and shares the idea of "retiring many times". Sounil is the renowned author of
1 min read
Aug
23
Episode 05 - Deciding When It's Time to Go with guest Jason Chan
An essential part of moving on from a long tech career is just figuring out when the time is right.
1 min read
Aug
22

Vulnerability management is dead. But GRC is hiring...
I used to have a TVM team. Threat & Vulnerability Management. The individuals in there had the word "Vulnerability" in their
2 min read