Security Blog

Posts about my work in Engineering, IT, and Security

photo of woman wearing white shirt

Tough Goodbyes: Five Questions to a Resigning Employee

Nobody enjoys losing a top performer. As a leader, it can be a heavy blow, particularly when the person is a critical player on your team. When faced with these tough goodbyes, we might ask ourselves – “What could I have done differently? Is there a chance they might stay?” Over the course of my career in leadership I’ve had a number employees find their next great opportunity…

Read More

Firewall and Old Fashioned: Embracing Classics

Cybersecurity: Understanding Firewalls A firewall is akin to the bouncer at the entrance of a swanky nightclub. It decides who gets in, and who’s left standing outside. Just like our bouncer, a firewall monitors and controls incoming and outgoing network traffic, ensuring unwanted guests stay out. For the beginners: imagine your computer as a house. A firewall is like the main door – it keeps unwanted visitors out…

Read More

Peak Performance: Burnout and Sustainable Success

We all chase success, often associating it with relentless work and perpetual busyness. But in doing so, we might find ourselves on the cusp of burnout, a state of chronic physical and emotional exhaustion. The book “Peak Performance” sheds light on this very conundrum, offering insights into sustainable high performance. One of the book’s vital lessons is the intricacies of burnout and how it intertwines with every facet…

Read More
Role power might not help you control the sun but you should understand it when leading a team

Role Power and Other Tools for Security Engineering Management

Introduction Leadership intricately weaves with the dynamics of power when influencing teams, partner departments, the organization, and even customers, especially in Security Engineering. The Manager Tools podcasts introduced me to this paradigm of role power, highlighting the research by French and Raven on power types. Just as Aunt May wisely stated, “With great power comes great responsibility.” As a budding manager, it’s pivotal to understand the interplay between…

Read More

ChatGPT for Threat Intelligence: Proactive Security with AI

As we progress into an era of increasing cybersecurity threats and expanding digital footprints, the need for effective threat intelligence cannot be overstated. In our previous posts, we’ve explored the vast potential of AI, specifically OpenAI’s GPT-4, in bolstering our information security stance. From crafting policies to assisting with third-party vendor assessments, we’ve seen first-hand how this powerful AI model can streamline and enrich various aspects of a…

Read More

Vendor Assessment with ChatGPT: Streamline Security with AI

In a previous post, we explored the vast potential of OpenAI’s GPT-4 in the information security space, specifically how it could augment security teams by running third-party vendor assessment with ChatGPT. We now turn the theoretical into practical by sharing our experience of running a vendor security assessment. Building a policy library from scratch can be a daunting task, but with GPT-4, we’ve streamlined the process. The key…

Read More

The First 90 Days: Navigating Leadership Transitions

Opening ‘The First 90 Days’ by Michael D. Watkins is a powerful guide for any leader stepping into a new role. Whether you’re the one transitioning into a new job or a manager looking to onboard a new hire effectively, the book offers invaluable insights and a robust framework for success. Key Themes and Concepts The key message is that the initial phase in a new role is…

Read More

GPT-4 GRC: Building Information Policies with AI

When it comes to startup operations, one aspect that can often be overlooked in the early stages is the development of a comprehensive and robust policy library. This is especially important when considering information policies, which govern the use, management, and security of data and technology in your organization. Establishing these policies not only sets clear expectations for employees but also assures customers about your company’s commitment to…

Read More
Not exactly Crostini with ansible, but crostini with spreads

Crostini with Ansible: Powering up ChromeOS

As the adoption of Chromebooks in enterprise security continues to rise, so does the demand for robust productivity solutions tailored for these devices. In the earlier post, we explored the fundamental security advantages of Chromebooks and touched upon the potential of using them as enterprise computers. Now, we delve into the realm of power users and address a key management challenge inherent to ChromeOS’s Linux container and how…

Read More
white laptop on a green meadow

Chromebooks for Enterprise Security: A Comprehensive Guide

When we mention enterprise computers, most of us instantly picture the typical Windows or macOS systems. But in this blog, I aim to challenge the norm and introduce an often-overlooked contender: Chromebooks. ChromeOS’s unique security features combined with a lightweight design make Chromebooks a compelling tool for modern businesses. Let’s delve deeper into why Chromebooks could be an intriguing choice for your enterprise security. Understanding Chromebooks for Enterprise…

Read More
1 2 3 4